--------------- QuickDiag | g3n-h@ckm@n | V5_23.02.19.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 25/02/2019 16:38:41

Updated 23/02/2019 | 09:30 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[Loïc (Administrator)] - [PC-LOIC] (S-1-5-21-4117569676-3186425540-4251289028-1001)

System: Microsoft Windows 10 Famille - - (10.0.17763) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1809)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4
Boot : Normal boot
PC: X751LX - ASUSTeK COMPUTER INC. - IdNumber: F3N0WU247234139 - UUID: C6F42741-0E9F-3A49-8327-51F34D016159
Processor : X64 - 2197 Mhz - Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
X751LX.300 - en|US|iso8859-1 - American Megatrends Inc. - S/N: F3N0WU247234139     - X751LX.300 - _ASUS_ - 1072009
CoreTemp : 29.8 Celsius

----------| Extended


---------- | SoundDevice

NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000
Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0233&SUBSYS_1043146F&REV_1000\4&2CC91C62&0&0001

---------- | Video

Intel(R) HD Graphics 5500 - Resolution: 1600x900 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_1616&SUBSYS_241A1043&REV_09\3&11583659&1&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824
NVIDIA GeForce GTX 950M - Resolution: x - Colors: - RefreshRate: -  Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_139A&SUBSYS_241A1043&REV_A2\4&EBF2A58&0&00E4 - AdapterCompatibility: NVIDIA - RAM: -2147483648
Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 5500 - DriverVersion: 20.19.15.4549 - SpecificationVersion: 1025

---------- | Codecs

c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34800 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 92672 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36680 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 -  Manufacturer: Microsoft Corporation - Status: OK

---------- | CPU

CPU #1 value:25 %
CPU #2 value:19 %
CPU #3 value:37 %
CPU #4 value:37 %
Total Overall CPU Usage value:30 %

---------- | Network

Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec
Qualcomm Atheros AR956x Wireless Network Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec

Overall -> SEND Maxium:30 bytes/sec,  /  RECEIVE Maximum:0 bytes/sec

Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000
Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_200F1043&REV_12\24723413684CE00001
Qualcomm Atheros AR956x Wireless Network Adapter - Ethernet 802.3 - Qualcomm Atheros Communications Inc. - Status: - PnPID : PCI\VEN_168C&DEV_0036&SUBSYS_21301A3B&REV_01\4&D83608&0&00E3
Microsoft Wi-Fi Direct Virtual Adapter #4 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&E092D85&0&11
Bluetooth Device (Personal Area Network) - - - Status: - PnPID : 
Microsoft Wi-Fi Direct Virtual Adapter #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&E092D85&0&12
WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT
WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP
WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6
WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH

---------- | Memory

RAM = Total (MB) : 7798 | Free (MB) : 4289
Pagefile = Total (MB) : 9698 | Free (MB) : 6224
Virtual = Total (MB) : 4194 | Free (MB) : 3923

Physical Memory 0 : Capacity: 4294967296 - ChannelA-DIMM0 - Posit.: - Manufacturer: Samsung - PartNumber:                   - S/N: 00000000
Physical Memory 1 : Capacity: 4294967296 - ChannelB-DIMM0 - Posit.: 1 - Manufacturer: Hynix/Hyundai - PartNumber: HMT451S6BFR8A-PB  - S/N: 16415B11

---------- | SID Users

Administrateur : [S-1-5-21-4117569676-3186425540-4251289028-500]
DefaultAccount : [S-1-5-21-4117569676-3186425540-4251289028-503]
HomeGroupUser$ : [S-1-5-21-4117569676-3186425540-4251289028-1003]
Invité : [S-1-5-21-4117569676-3186425540-4251289028-501]
Loïc : [S-1-5-21-4117569676-3186425540-4251289028-1001]
WDAGUtilityAccount : [S-1-5-21-4117569676-3186425540-4251289028-504]
Administrateurs : [S-1-5-32-544]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
System Managed Accounts Group : [S-1-5-32-581]
Utilisateurs : [S-1-5-32-545]
Utilisateurs de gestion à distance : [S-1-5-32-580]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]
HomeUsers : [S-1-5-21-4117569676-3186425540-4251289028-1002]
WinRMRemoteWMIUsers__ : [S-1-5-21-4117569676-3186425540-4251289028-1000]

---------- | SystemAccounts

Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives

C:\ -> [Fixed] | [OS] | Total : 372.6 Go | Free : 36.37 Go -> NTFS [SATA]
D:\ -> [Fixed] | [Data] | Total : 542.8 Go | Free : 538.9 Go -> NTFS [SATA]

Disk Usage Information [1 total Physical Disks]

Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 

Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec

DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_HGST&PROD_HTS721010A9E6300\4&B6ADA1B&0&000000

---------- | Windows updates - Activation - License


W.A.T : :)

Test 1 : Windows Is Activated
Test 2 : Windows Is NOT Activated

Volume License


---------- | Browsers

IE : 11.0.17763.1     (© Microsoft Corporation. Tous droits réservés.)
GC : 72.0.3626.109     (Copyright 2018 Google Inc.)

Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" 

---------- | FlashPlayer

FlashPlayer ActiveX : 32.0.0.144
FlashPlayer Plugin : 11.3.300.268

---------- | Security

FW : WINDOWS Firewall
WMI : OK
WU: Windows Update Service [Manual(3)] = Running
AS: Windows Defender [Auto(2)] = Running
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

392 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17763.1) = C:\Windows\System32\smss.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
588 | [Owner : Système | Parent : 576() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
688 | [Owner : Système | Parent : 576() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17763.1) = C:\Windows\System32\wininit.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
696 | [Owner : Système | Parent : 680() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
760 | [Owner : Système | Parent : 688(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17763.1) = C:\Windows\System32\services.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
780 | [Owner : Système | Parent : 688(wininit.exe) | 18.27 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17763.1) = C:\Windows\System32\lsass.exe     [15/09/2018 08:28:46]    CPU Usage:0 %
856 | [Owner : Système | Parent : 680() | 11.6 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.17763.1) = C:\Windows\System32\winlogon.exe     [15/09/2018 08:28:46]    CPU Usage:0 %
952 | [Owner : Système | Parent : 760(services.exe) | 3.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1000 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 13.66 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.17763.1) = C:\Windows\System32\WUDFHost.exe     [15/09/2018 08:28:52]    CPU Usage:0 %
1012 | [Owner : UMFD-1 | Parent : 856(winlogon.exe) | 8 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.1) = C:\Windows\System32\fontdrvhost.exe     [15/09/2018 08:28:47]    CPU Usage:0 %
1008 | [Owner : UMFD-0 | Parent : 688(wininit.exe) | 3.9 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.1) = C:\Windows\System32\fontdrvhost.exe     [15/09/2018 08:28:47]    CPU Usage:0 %
72 | [Owner : Système | Parent : 760(services.exe) | 31.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
804 | [Owner : SERVICE RÉSEAU | Parent : 760(services.exe) | 15.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1060 | [Owner : Système | Parent : 760(services.exe) | 8.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1156 | [Owner : DWM-1 | Parent : 856(winlogon.exe) | 83.98 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17763.1) = C:\Windows\System32\dwm.exe     [15/09/2018 08:28:44]    CPU Usage:0 %
1268 | [Owner : Système | Parent : 760(services.exe) | 10.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1296 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 12.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1348 | [Owner : Système | Parent : 760(services.exe) | 7.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1488 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 5.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1496 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 11.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1572 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 19.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1632 | [Owner : Système | Parent : 760(services.exe) | 11.4 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe     [16/11/2018 20:13:03]    CPU Usage:0 %
1708 | [Owner : Système | Parent : 760(services.exe) | 8.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1720 | [Owner : Système | Parent : 760(services.exe) | 11.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1728 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 8.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1748 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 7.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1760 | [Owner : Système | Parent : 760(services.exe) | 69.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1780 | [Owner : Système | Parent : 760(services.exe) | 5.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1904 | [Owner : Système | Parent : 760(services.exe) | 7.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1952 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 7.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2024 | [Owner : Système | Parent : 760(services.exe) | 9.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1468 | [Owner : Système | Parent : 760(services.exe) | 9.25 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4549) = C:\Windows\System32\igfxCUIService.exe     [30/11/2016 21:56:28]    CPU Usage:0 %
1824 | [Owner : Système | Parent : 760(services.exe) | 8.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2056 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 7.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2116 | [Owner : Système | Parent : 760(services.exe) | 16.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2152 | [Owner : Système | Parent : 760(services.exe) | 10.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2200 | [Owner : Système | Parent : 760(services.exe) | 17.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2232 | [Owner : SERVICE RÉSEAU | Parent : 760(services.exe) | 12.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2352 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 13.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2504 | [Owner : Système | Parent : 760(services.exe) | 15.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2544 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 9.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2608 | [Owner : SERVICE RÉSEAU | Parent : 760(services.exe) | 8.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2616 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 6.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2688 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 13.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2832 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 7.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2932 | [Owner : Système | Parent : 760(services.exe) | 18.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3068 | [Owner : Système | Parent : 760(services.exe) | 12.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2956 | [Owner : Système | Parent : 760(services.exe) | 5.83 Mo] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.81.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe     [26/03/2014 16:24:44]    CPU Usage:0 %
3156 | [Owner : Système | Parent : 760(services.exe) | 3.44 Mo] - (.ASUS - GFNEXSrv.) - (1.0.11.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe     [21/11/2011 15:19:50]    CPU Usage:0 %
3216 | [Owner : Système | Parent : 760(services.exe) | 17.54 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17763.1) = C:\Windows\System32\spoolsv.exe     [15/09/2018 08:28:24]    CPU Usage:0 %
3252 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 22.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3288 | [Owner : SERVICE RÉSEAU | Parent : 760(services.exe) | 8.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3440 | [Owner : Système | Parent : 760(services.exe) | 6.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3448 | [Owner : Système | Parent : 760(services.exe) | 5.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3456 | [Owner : Système | Parent : 760(services.exe) | 12.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3464 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 6.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3472 | [Owner : SERVICE RÉSEAU | Parent : 760(services.exe) | 14.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3484 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 20.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3492 | [Owner : Système | Parent : 760(services.exe) | 7.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3500 | [Owner : Système | Parent : 760(services.exe) | 22.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3508 | [Owner : Système | Parent : 760(services.exe) | 28.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3644 | [Owner : Système | Parent : 760(services.exe) | 35.14 Mo] - (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe     [20/08/2014 06:14:40]    CPU Usage:0 %
3652 | [Owner : Système | Parent : 760(services.exe) | 5.95 Mo] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.3.0.1) = C:\Windows\System32\escsvc64.exe     [16/12/2018 09:32:35]    CPU Usage:0 %
3664 | [Owner : Système | Parent : 760(services.exe) | 7.26 Mo] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework.) - (8.0.10100.71) = C:\Windows\SysWOW64\esif_uf.exe     [26/03/2015 20:04:16]    CPU Usage:0 %
3688 | [Owner : Système | Parent : 760(services.exe) | 8.07 Mo] - (.Atheros - Atheros Coex Service Application.) - (8.0.0.270) = C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe     [27/08/2014 20:23:02]    CPU Usage:0 %
3748 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 5.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3820 | [Owner : Système | Parent : 760(services.exe) | 6.84 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe     [12/08/2015 16:03:42]    CPU Usage:0 %
3840 | [Owner : Système | Parent : 760(services.exe) | 49.19 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.2.0.704) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe     [01/01/2018 22:59:54]    CPU Usage:0 %
3868 | [Owner : Système | Parent : 760(services.exe) | 9.7 Mo] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.11.66) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe     [26/03/2015 20:08:31]    CPU Usage:0 %
3896 | [Owner : Système | Parent : 760(services.exe) | 13.85 Mo] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.5.12.11) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe     [26/03/2015 20:08:51]    CPU Usage:0 %
3920 | [Owner : Système | Parent : 760(services.exe) | 12.84 Mo] - (.Apple Inc. - MobileDeviceService.) - (17.374.70.19) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe     [22/09/2016 15:53:50]    CPU Usage:0 %
3960 | [Owner : Système | Parent : 760(services.exe) | 12.75 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.1.1979.3879) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe     [29/07/2015 15:15:46]    CPU Usage:0 %
3992 | [Owner : Système | Parent : 760(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.1902.2) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe     [23/02/2019 15:36:29]    CPU Usage:0 %
4088 | [Owner : SERVICE LOCAL | Parent : 3440(svchost.exe) | 10.12 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.17763.1) = C:\Windows\System32\dasHost.exe     [15/09/2018 08:28:36]    CPU Usage:0 %
2880 | [Owner : Système | Parent : 760(services.exe) | 9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
4248 | [Owner : Système | Parent : 760(services.exe) | 12.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
4268 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 7.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
4624 | [Owner : Système | Parent : 760(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6060 | [Owner : Système | Parent : 1632(NVDisplay.Container.exe) | 26.38 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe     [16/11/2018 20:13:03]    CPU Usage:0 %
868 | [Owner : Loïc | Parent : 3840(MBAMService.exe) | 35 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1614) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe     [01/01/2018 22:59:48]    CPU Usage:0 %
984 | [Owner : Loïc | Parent : 3664(esif_uf.exe) | 5.56 Mo] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework Utility Application.) - (8.0.10100.71) = C:\Windows\Temp\DPTF\esif_assist.exe     [25/02/2019 13:46:09]    CPU Usage:0 %
4964 | [Owner : Système | Parent : 2956(AsLdrSrv.exe) | 10.15 Mo] - (.ASUSTek Computer Inc. - HControl.) - (1.0.83.4) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe     [26/05/2014 10:47:22]    CPU Usage:0 %
5588 | [Owner : Loïc | Parent : 2152(svchost.exe) | 28.38 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17763.1) = C:\Windows\System32\sihost.exe     [15/09/2018 08:28:34]    CPU Usage:0 %
3176 | [Owner : Loïc | Parent : 760(services.exe) | 14.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
1820 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 22.76 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.9034) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe     [23/02/2019 02:38:56]    CPU Usage:0 %
1960 | [Owner : Loïc | Parent : 760(services.exe) | 38.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2168 | [Owner : Loïc | Parent : 2116(svchost.exe) | 17.79 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17763.1) = C:\Windows\System32\taskhostw.exe     [15/09/2018 08:28:44]    CPU Usage:0 %
2244 | [Owner : Loïc | Parent : 2116(svchost.exe) | 1.52 Mo] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe     [05/11/2014 13:44:30]    CPU Usage:0 %
5364 | [Owner : Loïc | Parent : 2116(svchost.exe) | 0.98 Mo] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) - (4.1.1.0) = C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe     [17/12/2014 15:31:26]    CPU Usage:0 %
6156 | [Owner : Système | Parent : 760(services.exe) | 13.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6184 | [Owner : Système | Parent : 760(services.exe) | 8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6296 | [Owner : Loïc | Parent : 6184(svchost.exe) | 15.93 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17763.1) = C:\Windows\System32\ctfmon.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6404 | [Owner : Système | Parent : 760(services.exe) | 6.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6608 | [Owner : Loïc | Parent : 6528() | 103.13 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17763.107) = C:\Windows\explorer.exe     [29/10/2018 23:59:07]    CPU Usage:0 %
6624 | [Owner : Loïc | Parent : 5572() | 9.17 Mo] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.31.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe     [15/05/2014 16:23:42]    CPU Usage:0 %
6640 | [Owner : Système | Parent : 760(services.exe) | 15.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6648 | [Owner : Système | Parent : 760(services.exe) | 8.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6704 | [Owner : Loïc | Parent : 5508() | 7.86 Mo] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.20.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe     [23/06/2014 20:33:30]    CPU Usage:0 %
7044 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 16.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3832 | [Owner : Loïc | Parent : 2116(svchost.exe) | 0.64 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.961) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe     [26/03/2015 20:11:04]    CPU Usage:0 %
3912 | [Owner : Loïc | Parent : 3860() | 13.37 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4549) = C:\Windows\System32\igfxEM.exe     [30/11/2016 21:56:54]    CPU Usage:0 %
4052 | [Owner : Loïc | Parent : 3860() | 9.52 Mo] - (.Intel Corporation - igfxHK Module.) - (6.15.10.4549) = C:\Windows\System32\igfxHK.exe     [30/11/2016 21:57:14]    CPU Usage:0 %
2860 | [Owner : Loïc | Parent : 3860() | 11.6 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\igfxTray.exe     [30/11/2016 21:57:46]    CPU Usage:0 %
5856 | [Owner : Loïc | Parent : 760(services.exe) | 15.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3908 | [Owner : Loïc | Parent : 72(svchost.exe) | 86.33 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17763.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe     [15/09/2018 08:28:58]    CPU Usage:0 %
6468 | [Owner : Loïc | Parent : 72(svchost.exe) | 11.88 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3708 | [Owner : Loïc | Parent : 72(svchost.exe) | 29.85 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
6976 | [Owner : Loïc | Parent : 72(svchost.exe) | 125.94 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17763.1) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe     [15/09/2018 08:28:47]    CPU Usage:0 %
6400 | [Owner : Loïc | Parent : 72(svchost.exe) | 21.68 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
7352 | [Owner : Loïc | Parent : 72(svchost.exe) | 8.76 Mo] - (.-.) - (8.39.0.222) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe     [23/02/2019 01:13:00]    CPU Usage:0 %
7372 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 21.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
8096 | [Owner : Loïc | Parent : 72(svchost.exe) | 17.74 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
6532 | [Owner : Loïc | Parent : 72(svchost.exe) | 41.56 Mo] - (.-.) - (10.19011.1131.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe     [08/02/2019 09:19:20]    CPU Usage:0 %
6920 | [Owner : Loïc | Parent : 72(svchost.exe) | 34.02 Mo] - (.-.) - (1.0.1902.14003) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe     [23/02/2019 15:52:30]    CPU Usage:0 %
5108 | [Owner : Loïc | Parent : 72(svchost.exe) | 48.36 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17763.1) = C:\Windows\System32\smartscreen.exe     [15/09/2018 08:28:30]    CPU Usage:0 %
8288 | [Owner : Système | Parent : 760(services.exe) | 32.14 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17763.1) = C:\Windows\System32\SearchIndexer.exe     [15/09/2018 08:28:34]    CPU Usage:0 %
8408 | [Owner : Loïc | Parent : 6608(explorer.exe) | 12.25 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.17763.1) = C:\Windows\System32\SecurityHealthSystray.exe     [15/09/2018 08:28:39]    CPU Usage:0 %
8464 | [Owner : Loïc | Parent : 6608(explorer.exe) | 18.82 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.0.12.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe     [26/03/2015 20:08:39]    CPU Usage:0 %
8508 | [Owner : Système | Parent : 760(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1807.16384) = C:\Windows\System32\SecurityHealthService.exe     [15/09/2018 08:28:26]    CPU Usage:0 %
8576 | [Owner : Loïc | Parent : 6608(explorer.exe) | 15.72 Mo] - (.Apple Inc. - iTunesHelper.) - (12.5.4.42) = C:\Program Files\iTunes\iTunesHelper.exe     [06/12/2016 02:52:24]    CPU Usage:0 %
8712 | [Owner : Loïc | Parent : 6608(explorer.exe) | 43.46 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (19.2.107.8) = C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\OneDrive.exe     [22/04/2016 10:38:55]    CPU Usage:0 %
8804 | [Owner : Loïc | Parent : 6608(explorer.exe) | 51.04 Mo] - (.Apple Inc. - iCloud Services.) - (55.1.0.60) = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe     [05/10/2016 23:16:32]    CPU Usage:0 %
8824 | [Owner : Loïc | Parent : 6608(explorer.exe) | 11.64 Mo] - (.Seiko Epson Corporation - EPSON Status Monitor 3.) - (10.0.1.0) = C:\Windows\System32\spool\drivers\x64\3\E_YATITBE.EXE     [16/12/2018 11:19:38]    CPU Usage:0 %
8964 | [Owner : SERVICE RÉSEAU | Parent : 760(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
9016 | [Owner : Système | Parent : 760(services.exe) | 8.44 Mo] - (.Apple Inc. - iPodService Module (64-bit).) - (12.5.4.42) = C:\Program Files\iPod\bin\iPodService.exe     [06/12/2016 02:52:26]    CPU Usage:0 %
6744 | [Owner : Loïc | Parent : 72(svchost.exe) | 7.04 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
7080 | [Owner : Loïc | Parent : 72(svchost.exe) | 16.84 Mo] - (.Apple Inc. - Apple Push.) - (2.5.12.33) = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe     [17/11/2016 01:28:56]    CPU Usage:0 %
9652 | [Owner : Système | Parent : 760(services.exe) | 5.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
9708 | [Owner : Loïc | Parent : 5312() | 1.3 Mo] - (.AsusTek - ASUS Smart Gesture Loader.) - (1.0.43.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe     [17/08/2016 16:52:34]    CPU Usage:0 %
9956 | [Owner : Loïc | Parent : 72(svchost.exe) | 8.63 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
10188 | [Owner : Loïc | Parent : 72(svchost.exe) | 50.54 Mo] - (.-.) - (2019.18114.17710.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe     [31/01/2019 10:35:39]    CPU Usage:0 %
9364 | [Owner : Système | Parent : 760(services.exe) | 8.03 Mo] - (.WildTangent - WildTangent Games App Integration Service.) - (4.0.34.25) = C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe     [24/04/2014 22:04:16]    CPU Usage:0 %
8724 | [Owner : Système | Parent : 760(services.exe) | 8.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
9600 | [Owner : Système | Parent : 760(services.exe) | 6.26 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (10.0.30.1054) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe     [06/01/2015 16:40:34]    CPU Usage:0 %
4036 | [Owner : Loïc | Parent : 760(services.exe) | 20.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
6772 | [Owner : Système | Parent : 2124() | 0.31 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.23) = C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe     [19/12/2018 09:32:46]    CPU Usage:0 %
4340 | [Owner : Système | Parent : 2124() | 0.14 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.23) = C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe     [19/12/2018 09:32:47]    CPU Usage:0 %
9880 | [Owner : Système | Parent : 760(services.exe) | 12.4 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (10.0.35.1024) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe     [06/01/2015 16:40:36]    CPU Usage:0 %
8032 | [Owner : Système | Parent : 760(services.exe) | 28.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
9276 | [Owner : Système | Parent : 760(services.exe) | 22.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
9484 | [Owner : Loïc | Parent : 72(svchost.exe) | 26.9 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
8180 | [Owner : Système | Parent : 760(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17763.1) = C:\Windows\System32\SgrmBroker.exe     [15/09/2018 08:29:13]    CPU Usage:0 %
9832 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3828 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 8.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
9888 | [Owner : Système | Parent : 760(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
10000 | [Owner : Loïc | Parent : 72(svchost.exe) | 5.3 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17763.1) = C:\Windows\System32\SettingSyncHost.exe     [15/09/2018 08:28:58]    CPU Usage:0 %
9780 | [Owner : Loïc | Parent : 72(svchost.exe) | 37.12 Mo] - (.Microsoft Corporation - SkypeApp.) - (8.39.0.222) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe     [23/02/2019 01:13:00]    CPU Usage:0 %
9928 | [Owner : Loïc | Parent : 72(svchost.exe) | 3.36 Mo] - (.Microsoft Corporation - Reminders WinRT OOP Server.) - (10.0.17763.1) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe     [15/09/2018 08:28:47]    CPU Usage:0 %
9188 | [Owner : Loïc | Parent : 6608(explorer.exe) | 172.64 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
976 | [Owner : Loïc | Parent : 9188(chrome.exe) | 8.79 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
7696 | [Owner : Loïc | Parent : 9188(chrome.exe) | 9.48 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
10352 | [Owner : Loïc | Parent : 9188(chrome.exe) | 109.25 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
10368 | [Owner : Loïc | Parent : 9188(chrome.exe) | 40.12 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
10592 | [Owner : Loïc | Parent : 9188(chrome.exe) | 101.77 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
11144 | [Owner : Loïc | Parent : 9188(chrome.exe) | 342.24 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
11176 | [Owner : Loïc | Parent : 72(svchost.exe) | 11.41 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
9372 | [Owner : Loïc | Parent : 5008() | 34.13 Mo] - (.ASUS Cloud Corporation -.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe     [20/08/2014 06:14:56]    CPU Usage:0 %
10684 | [Owner : Loïc | Parent : 2116(svchost.exe) | 0.67 Mo] - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) - (5.812.10240.16384) = C:\Windows\System32\wscript.exe     [15/09/2018 08:28:57]    CPU Usage:0 %
11008 | [Owner : Loïc | Parent : 72(svchost.exe) | 46.94 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.17763.1) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe     [15/09/2018 08:28:52]    CPU Usage:0 %
1596 | [Owner : Loïc | Parent : 72(svchost.exe) | 29.57 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
5504 | [Owner : SERVICE LOCAL | Parent : 2352(svchost.exe) | 24.38 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17763.1) = C:\Windows\System32\audiodg.exe     [15/09/2018 08:28:20]    CPU Usage:0 %
11736 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 11.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
2392 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 5.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
9164 | [Owner : Loïc | Parent : 9188(chrome.exe) | 67.24 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
5380 | [Owner : Loïc | Parent : 1980() | 1.8 Mo] - (.Microsoft Corporation - Microsoft Office Document Cache.) - (15.0.4420.1017) = C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE     [01/10/2012 20:36:04]    CPU Usage:0 %
10008 | [Owner : Loïc | Parent : 9188(chrome.exe) | 108.7 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
11456 | [Owner : Loïc | Parent : 9188(chrome.exe) | 62.96 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
11892 | [Owner : Loïc | Parent : 9188(chrome.exe) | 49.06 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
11432 | [Owner : Loïc | Parent : 9188(chrome.exe) | 91.78 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
7820 | [Owner : Loïc | Parent : 9188(chrome.exe) | 79.75 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
8024 | [Owner : Loïc | Parent : 72(svchost.exe) | 43.27 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17763.1) = C:\Windows\System32\ApplicationFrameHost.exe     [15/09/2018 08:28:39]    CPU Usage:0 %
7060 | [Owner : Loïc | Parent : 72(svchost.exe) | 62.08 Mo] - (.Microsoft Corporation - Windows Defender application.) - (10.0.17763.1) = C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe     [15/09/2018 08:28:40]    CPU Usage:0 %
9904 | [Owner : Loïc | Parent : 72(svchost.exe) | 10.43 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
3260 | [Owner : SERVICE LOCAL | Parent : 760(services.exe) | 6.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe     [15/09/2018 08:28:45]    CPU Usage:0 %
8640 | [Owner : Loïc | Parent : 9188(chrome.exe) | 98.78 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
3700 | [Owner : Loïc | Parent : 9188(chrome.exe) | 22.86 Mo] - (.Google Inc. - Google Chrome.) - (72.0.3626.109) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [22/08/2017 11:24:30]    CPU Usage:0 %
7852 | [Owner : Loïc | Parent : 9188(chrome.exe) | 47.14 Mo] - (.SosVirus - QuickDiag.) - (23.2.19.1) = C:\Users\Loïc\Downloads\QuickDiag.exe     [25/02/2019 16:37:23]    CPU Usage:0 %
10044 | [Owner : Système | Parent : 72(svchost.exe) | 8.86 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\System32\wbem\WmiPrvSE.exe     [15/09/2018 08:28:29]    CPU Usage:0 %
11204 | [Owner : SERVICE RÉSEAU | Parent : 72(svchost.exe) | 9.55 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [15/09/2018 08:29:00]    CPU Usage:0 %

---------- | Locked Applications


---------- | Explorer.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll
(.Google.-.Google Drive shell extension.) - (3.43.2448.9071) -- C:\Program Files\Google\Drive\googledrivesync64.dll
(.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (20.19.15.4549) -- C:\WINDOWS\SYSTEM32\igd10iumd64.dll
(.Intel Corporation.-.Unified Shader Compiler for Intel(R) Graphics Accelerator.) - (20.19.15.4549) -- C:\WINDOWS\SYSTEM32\igdusc64.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll

---------- | Winlogon.exe Modules (Microsoft Files Whitelisted)


---------- | svchost.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll
(.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.23.2.0) -- C:\WINDOWS\System32\winsqlite3.dll

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL
OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU
OneDrive - ("C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\...\Run]) - User: PC-LOIC\Loïc
iCloudServices - (C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\...\Run]) - User: PC-LOIC\Loïc
iCloudPhotos - (C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\...\Run]) - User: PC-LOIC\Loïc
EPLTarget\P0000000000000000 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATITBE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-6000 Series" [HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\...\Run]) - User: PC-LOIC\Loïc
SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public
NvBackend - ("C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKLM\SOFTWARE\...\Run]) - User: Public
ShadowPlay - (C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public
iTunesHelper - ("C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background   
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe   [05/10/2016 23:16:32]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe   [05/10/2016 23:16:38]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATITBE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-6000 Series"   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU]
"a"=cmd\1   
"MRUList"=a   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Device"=EPSON XP-6000 Series,winspool,Ne02:   
"IsMRUEstablished"=0   
"LegacyDefaultPrinterMode"=1   

[HKLM\Software\Microsoft\Command Processor]
"DefaultColor"=0   
"EnableExtensions"=1   
"CompletionChar"=64   
"PathCompletionChar"=64   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe   
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"   
"ShadowPlay"=C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart   
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"SecurityHealth"=0x040000000000000000000000   
"iTunesHelper"=0x040000000000000000000000   
"AuditSHD"=0x040000000000000000000000   
"NvBackend"=0x020000000000000000000000   
"ShadowPlay"=0x020000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"APSDaemon"=0x040000000000000000000000   
"SunJavaUpdateSched"=0x040000000000000000000000   
"WebStorage"=0x060000000000000000000000   
"GrooveMonitor"=0x020000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=1   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
"Win32kLastWriteTime"=1D44CC5B8389EF9   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe   [20/08/2014 06:14:52]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 

VideoDevice2=@device:pnp:\\?\usb#vid_0bda&pid_57bc&mi_00#6&3a3f5879&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\global
AudioDevice2="@device:cm:{33D9A762-90C8-11D0-BD43-00A0C911CE86}\wave:{CBB24171-9AEF-4358-8B5A-178FAA986437}"


---------- | Tasks List

Adobe Flash Player Updater
ASUS Smart Gesture Launcher
ASUS Splendid ACMON
ASUS USB Charger Plus
ATK Package 36D18D69AFC3
DropBox
EPSON XP-6000 Series Update {67265C27-2B04-4D8D-938E-E96257478B29}
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
Microsoft Office 15 Sync Maintenance for PC-LOIC-Loïc pc-loic
NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
OneDrive Standalone Update Task-S-1-5-21-4117569676-3186425540-4251289028-1001
Optimize Start Menu Cache Files-S-1-5-21-4117569676-3186425540-4251289028-1001
Optimize Start Menu Cache Files-S-1-5-21-4117569676-3186425540-4251289028-500
RTKCPL
Update Checker
{0E48ED3A-9615-4C81-8561-DF458D2DE606}
{FA92A664-143E-43B5-945C-3E72BA60FD2B}

---------- | Startings up registry ? Folder


---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server


[HKLM\System\CurrentControlSet\Control]
"BootDriverFlags"=28   
"CurrentUser"=USERNAME   
"EarlyStartServices"=RpcSs
Power
BrokerInfrastructure
SystemEventsBroker
DcomLaunch
RpcEpMapper
LSM
AppIdSvc   
"PreshutdownOrder"=DeviceInstall
UsoSvc
gpsvc
trustedinstaller   
"SvcHostSplitThresholdInKB"=3670016   
"WaitToKillServiceTimeout"=2000   
"SystemStartOptions"= NOEXECUTE=OPTIN  NOVGA   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   
"LastBootSucceeded"=1   
"LastBootShutdown"=1   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbasedirectories"=0   
"auditbaseobjects"=0   
"Bounds"=0x0030000000200000   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Security Packages"=""   [19/07/2015 18:04:01]
"Notification Packages"=scecli   
"Authentication Packages"=msv1_0   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"LsaPid"=780   
"ProductType"=3   
"restrictanonymous"=0   
"restrictanonymoussam"=1   
"SamConnectedAccountsExist"=1   
"SecureBoot"=1   

[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"AutoChkTimeout"=8   
"BootExecute"=autocheck autochk *   
"BootShell"=%SystemRoot%\system32\bootim.exe   
"CriticalSectionTimeout"=2592000   
"ExcludeFromKnownDlls"=   
"GlobalFlag"=0   
"GlobalFlag2"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"InitConsoleFlags"=0   
"NumberOfInitialSessions"=2   
"ObjectDirectories"=\Windows
\RPC Control   
"ProcessorControl"=2   
"ProtectionMode"=1   
"RunLevelExecute"=WinInit
ServiceControlManager   
"RunLevelValidate"=ServiceControlManager   
"SETUPEXECUTE"=   
"AutoChkSkipSystemPartition"=0   
"ResourceTimeoutCount"=648000   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"DeleteTempDirsOnExit"=1   
"fDenyTSConnections"=1   
"fSingleSessionPerUser"=1   
"NotificationTimeOut"=0   
"PerSessionTempDir"=0   
"ProductVersion"=5.1   
"RCDependentServices"=CertPropSvc
SessionEnv   
"SnapshotMonitors"=1   
"StartRCM"=0   
"TSUserEnabled"=0   
"InstanceID"=181eff01-6441-4973-bcfd-3eecd87   
"GlassSessionId"=1   


---------- | .LNK with Arguments

c:\$recycle.bin\s-1-5-21-4117569676-3186425540-4251289028-1001\$rcza5h6.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK
c:\$recycle.bin\s-1-5-21-4117569676-3186425540-4251289028-1001\$rizle0p.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK
c:\users\loïc\desktop\adsfix_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK

---------- | AppCertDlls


---------- | Dnsapi.dll

C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Control Panel\Desktop]
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretTimeout"=5000   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=200000   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"MouseWheelRouting"=2   
"PaintDesktopVersion"=0   
"Pattern"=0   
"RightOverlapChars"=3   
"ScreenSaveActive"=1   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"WallPaper"=c:\windows\web\wallpaper\theme1\img1.jpg   [15/09/2018 08:29:25]
"WallpaperStyle"=2   
"MouseMonitorEscapeSpeed"=0   
"Win8DpiScaling"=0   
"UserPreferencesMask"=0x9E1E078012000000   
"AutoColorization"=1   
"MaxVirtualDesktopDimension"=2624   
"MaxMonitorDimension"=1600   
"TranscodedImageCount"=1   
"LastUpdated"=4294967295   
"TranscodedImageCache"=0x7AC30100038F090080070000B0040000FAEC92D4C54CD40163003A005C00770069006E0064006F00770073005C007700650062005C00770061006C006C00700061007000650072005C007400680065006D00650031005C0069006D00670031002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"ImageColor"=2950864452   
"DpiScalingVer"=4096   
"PreferredUILanguages"=fr-FR   
"WaitToKillAppTimeout"=2000   
"HungAppTimeout"=2000   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\CurrentVersion\Explorer]
"EdgeDesktopShortcutCreated"=1   
"ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000   
"ExplorerStartupTraceRecorded"=1   
"UserSignedIn"=1   
"SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309D61020000FB9A790967ADD111ABCD00C04FC30936E4010000CEC429A936FD7042B4F534ECAC5BD63C2012000029585F9B29A5124B814AE81BCB8D93FCCF020000206BB9B11DDA3C4A92C17229B32F232634070000   
"SIDUpdatedOnLibraries"=1   
"LocalKnownFoldersMigrated"=1   
"TelemetrySalt"=0   
"GlobalAssocChangedCounter"=11   
"FirstRunTelemetryComplete"=1   
"AppReadinessLogonComplete"=1   
"PostAppInstallTasksCompleted"=1   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"StoreAppsOnTaskbar"=1   
"ServerAdminUI"=0   
"Hidden"=2   
"ShowCompColor"=1   
"HideFileExt"=1   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"ShowSuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ShowStatusBar"=1   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"TaskbarAnimations"=1   
"StartMenuInit"=13   
"ReindexedProfile"=1   
"EnableStartMenu"=1   
"TaskbarStateLastRun"=0x96B06D5C00000000   
"ShowTaskViewButton"=0   
"TaskbarSizeMove"=1   
"TaskbarBadges"=1   

[HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"DisableCAD"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"SmartScreenEnabled"=RequireAdmin   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"DisableCAD"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders   
"BuildNumber"=17763   
"FirstLogon"=0   
"PUUActive"=0x5B98CD3F01000000020008003F1800004A2900004A290000D200000002000300E331C2046A5F0300F7080100380700001C0600005301000000000000DD5D0000D70000002500000065A53C751FCDD4013F18000000000000010000003F18000063450000000000000000000000000000   
"DP"=0xD200E80004000000020000005B98CD3F000000000000000065A53C751FCDD40165A53C751FCDD401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100D643008010402001124A2001E6F2008052481C41524D9C41B33100000580A45A0584AC5A1F9100001240004912441249A9E9008011423009115A30098B3101C0C0102914D11829150AB80080101000421018084351C000404031206840312268C88500801120C1011920C101D12E01C0400818466008184605CE00800844010068540320   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"DisableBackButton"=1   
"EnableSIHostIntegration"=1   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"ReportBootOk"=1   
"Shell"=explorer.exe   
"ShellCritical"=0   
"ShellInfrastructure"=sihost.exe   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"WinStationsDisabled"=0   
"scremoveoption"=0   
"LastLogOffEndTimePerfCounter"=2109891046119   
"ShutdownFlags"=2147483883   
"Userinit"=C:\Windows\system32\userinit.exe,   
"ShutdownWithoutLogon"=0   
"DisableCad"=1   
"EnableFirstLogonAnimation"=1   
"AutoLogonSID"=S-1-5-21-4117569676-3186425540-4251289028-1001   
"LastUsedUsername"=Loïc   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultDomainName"=   
"DefaultUserName"=   
"EnableSIHostIntegration"=1   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Shell"=explorer.exe   
"ShellCritical"=0   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   


---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\WOW6432Node\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [15/09/2018 17:39:44]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [15/09/2018 17:39:44]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall


---------- | AppcompatFlags

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"=0x534143500100000000000000070000002800000038330600FEA306000100000000000000000003060021000067077CBAC54CD40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000069C2869000000002904000029040000
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"=0x5341435001000000000000000700000028000000383303007B4503000100000000000000000003067122000067077CBAC54CD40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000359C2869000000002A0400002A040000
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"=0x534143500100000000000000070000002800000038BB0200A47E030001000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000040000000000000000000000000000000009C39C72400000000C6000000C6000000
"SIGN.MEDIA=700EC microsoft office crack\Microsoft office 2007 et autre programmes\setup.exe"=0x534143500100000000000000070000002800000030110700C7F8070001000000000000000000000671020000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000037F90300000000000200000002000000
"SIGN.MEDIA=E3427 microsoft office crack\Langues de microsoft office 2007\SETUP.EXE"=0x534143500100000000000000070000002800000030110700C7F8070001000000000000000000000671020000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000019E90300000000000100000001000000
"SIGN.MEDIA=434FF9F microsoft office crack\Langues de microsoft office 2007\WORD.FR-FR\WORDMUI.MSI"=0x534143500100000000000000070000002800000000F400008396010001000000000000000000010500300000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000211F0000000000000200000002000000
"SIGN.MEDIA=1736ABC microsoft office crack\Langues de microsoft office 2007\POWERPOINT.FR-FR\POWERPOINTMUI.MSI"=0x534143500100000000000000070000002800000000F400008396010001000000000000000000010500300000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000037110000000000000100000001000000
"SIGN.MEDIA=3982C36 microsoft office crack\Microsoft office 2007 et autre programmes\Word.en-us\WordMUI.msi"=0x534143500100000000000000070000002800000000F400008396010001000000000000000000010500300000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000000F2F0000000000000200000002000000
"C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE"=0x5341435001000000000000000700000028000000A0200F00D31D100001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B5030100000000000400000004000000
"C:\Users\Loïc\Downloads\Popcorn-Time-0.3.8-0-Setup.exe"=0x5341435001000000000000000700000028000000A014BC018EED010001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000985EF400000000000100000001000000
"C:\Program Files (x86)\Skype\Phone\Skype.exe"=0x534143500100000000000000070000002800000060544A018FCA4A0101000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000000A0CBE00000000000500000005000000
"C:\Users\Loïc\Downloads\vlc-2.2.1-win32.exe"=0x5341435001000000000000000700000028000000F036B8012E86B80101000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000003C80000000000000100000001000000
"SIGN.MEDIA=256C03A4 autorun.exe"=0x534143500100000000000000070000002800000000500F00E85D0F0001000000000000000000010571200000975FD891C99ECE01000000000000000001000000040000000100000005000000100000000000000000000000000000008008000002000000280000000000000080080040000020000000000000002000000000001CA71400000000000700000007000000
"SIGN.MEDIA=1EED1A12 autorun.exe"=0x534143500100000000000000070000002800000000500F001728100001000000000000000000010571200000975FD891C99ECE0100000000000000000500000010000000000000000000000000000106800800000200000050000000000001068008006000040200000000000000000000000000BFFF1000000000000800000008000000000000008008004000000000000000000000000000000000A5590E00000000000500000000000000
"C:\Users\Loïc\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\20.0.12.0\setup.exe"=0x534143500100000000000000070000002800000090500600340D070001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000DA020100000000000100000001000000
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"=0x5341435001000000000000000700000028000000903428002E30290001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000028E99400000000000100000001000000
"C:\Program Files\NVIDIA Corporation\Display\nvtray.exe"=0x5341435001000000000000000700000028000000485B25005280250001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000298D0E00000000000100000001000000
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe"=0x534143500100000000000000070000002800000090241000C65D100001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000044651000000000000100000001000000
"C:\Program Files (x86)\Microsoft Games\Age of Empires III\splash.exe"=0x5341435001000000000000000700000028000000004001000000000001000000000000000000010571200000975FD891C99ECE01000000000000000002000000C80000000000000011000080000000000000000000000000000000005709000000000000010000000100000000000000900800800000000000000000000000000000000095090000000000000100000000000000000002061000000000000000000000000000000000000000E7050100000000000100000000000000000001061000000000000000000000000000000000000000A61B000000000000010000000000000000000000100000000000000000000000000000000000000018090000000000000100000000000000
"C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe"=0x534143500100000000000000070000002800000000E00B000000000003000000000000000000010571200000975FD891C99ECE010000000000000000010000000400000001000000020000007800000000030105000800600000800000000000000080000000000032916D00000000000200000001000000000301050008002000008000000000000000800000000000677E000000000000010000000000000000000000000800000000800000000000000080000000000097B90100000000000200000000000000
"SIGN.MEDIA=B44DACDF AutoRun.exe"=0x5341435001000000000000000700000028000000E0200700B3DD070001000000000000000000010671220000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000042AF2600000000000800000008000000
"C:\Program Files (x86)\Electronic Arts\EADM\EADMClientService.exe"=0x534143500100000000000000070000002800000038450500B66A050001000000000000000000010600210000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000003F521200000000000100000001000000
"C:\Program Files (x86)\Origin\UpdateTool.exe"=0x5341435001000000000000000700000028000000F88B0100F96B020001000000000000000000030671220000975FD891C99ECE0100000080000000000200000028000000000000008000008000000000000000000000000000000000FF210000000000000100000001000000
"C:\Windows\Installer\{6033673D-2530-4587-8AD0-EB059FC263F9}\Crysis2Launcher.exe"=0x5341435001000000000000000700000028000000E04C070040C2070001000000000000000000010671020000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000A6010000000000000200000002000000
"C:\Program Files (x86)\Origin\Origin.exe"=0x5341435001000000000000000700000028000000F06B37002D9C370001000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A12E0000000000000100000001000000
"C:\Program Files (x86)\Origin\OriginUninstall.exe"=0x534143500100000000000000070000002800000060F80E0062380F0003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D02E0000000000000100000001000000
"C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe"=0x53414350010000000000000007000000280000004841C2008269C20001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AE5A0100000000000200000002000000
"C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe"=0x534143500100000000000000070000002800000038BBAA000ADAAA0001000000000000000000000671020000BFA2139DEDD1D3010000000000000000020000002800000000000106300000F0101002000000000000000000000000004B17180B000000005700000057000000
"SIGN.MEDIA=1EED1A12 install.exe"=0x534143500100000000000000070000002800000000E003000000000001000000000000000000010571200000975FD891C99ECE0100000000000000000200000050000000000000000008004000000000000000000000000000000000E04201000000000002000000010000000003010580080000000000000000000000000000000000009AB40000000000000100000000000000
"SIGN.MEDIA=1EED1A12 Age of Empires III - The WarChiefs.msi"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500300000B395E7CF049FCE01000000000000000002000000280000000000000000400020000000000000000000000000000000009D120000000000000100000001000000
"SIGN.MEDIA=1DF647CF autorun.exe"=0x53414350010000000000000007000000280000001854100088F6100001000000000000000000000671220000975FD891C99ECE01000000000000000002000000280000000000000080000000000000000000000000000000000000004495FF06000000000400000004000000
"C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriver2.exe"=0x534143500100000000000000070000002800000000E00B000000000001000000000000000000010571200000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000025526D00000000000100000001000000
"C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"=0x5341435001000000000000000700000028000000001001000000000001000000000000000000010571200000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000080000020000002800000000000000000800400000200000000000000020000000000013486D00000000000100000001000000010000000400000001000000
"C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe"=0x534143500100000000000000070000002800000038FBB000A3DEB10001000000000000000000000671020000BFA2139DEDD1D3010000000000000000020000002800000000000000100000100000000000000000000000000000000024E92511000000006200000062000000
"C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE"=0x534143500100000000000000070000002800000038310400914C040001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000001000000000000000000000000000000000B2D20300000000000200000002000000
"C:\Users\Loïc\AppData\Local\Temp\Temp1_aoe3patch-10to101_JeuxVideo.com_10925.zip\aoe3patch-10to101_JeuxVideo.com_10925.exe"=0x5341435001000000000000000700000028000000D03464007A0C650001000000000000000000010571000000975FD891C99ECE0100000080000000000200000028000000000000008008004000000000000000000000000000000000E1330000000000000300000003000000
"C:\Users\Loïc\Documents\aoe3patch-10to101_JeuxVideo.com_10925\aoe3patch-10to101_JeuxVideo.com_10925.exe"=0x5341435001000000000000000700000028000000D03464007A0C650001000000000000000000010571000000975FD891C99ECE01000000800000000002000000280000000000000080080040000000000000000000000000000000000E150000000000000100000001000000
"C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe"=0x53414350010000000000000007000000280000006826270202BA270201000000000000000000030671220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000040000000000000000000000000000002396A80B000000000801000008010000
"C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe"=0x534143500100000000000000070000002800000038DBAD00109FAE000100000000000000000000067102000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000B5432D00000000000300000003000000
"C:\Users\Loïc\AppData\Local\Temp\Foxit PhantomPDF Updater.exe"=0x534143500100000000000000070000002800000040A46600EB08670001000000000000000000030671220000DB80FDAC2839D30100000080000000000200000028000000000000000000000000000000000000000000000000000000940BCA0C000000002500000025000000
"C:\Users\Loïc\AppData\Local\Popcorn Time\nw.exe"=0x53414350010000000000000007000000280000000048C2020000000001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000022EC1908000000001600000016000000
"C:\Users\Loïc\Downloads\7z920.exe"=0x5341435001000000000000000700000028000000DD5E11000000000001000000000000000000000671000000975FD891C99ECE010000000000000000010000000400000001000000020000005000000000020006000800600000000000000000000000000000000081360000000000000100000001000000000000000008004000002000000000000000200000000000DC1F0000000000000300000000000000
"C:\Program Files (x86)\7-Zip\Uninstall.exe"=0x534143500100000000000000070000002800000045E500000000000001000000000000000000000671000000975FD891C99ECE01000000000000000002000000500000000000000000080000000000000000000000000000000000007A1000000000000001000000010000000000000000080040000000000000000000000000000000002C180000000000000100000000000000
"C:\Program Files (x86)\7-Zip\7-zip.chm"=0x534143500100000000000000050000001000000001000000000000000000000000000000
"C:\Program Files (x86)\7-Zip\7zFM.exe"=0x5341435001000000000000000700000028000000006A06000000000001000000000000000000010671200000975FD891C99ECE01000000000000000001000000040000000100000002000000280000000000000000000010000002040000000000000004000000004A5D0F00000000000400000004000000
"C:\Program Files (x86)\7-Zip\7z.exe"=0x5341435001000000000000000700000028000000009202000000000001000000000000000000010671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BB000000000000000200000002000000
"C:\Program Files (x86)\7-Zip\7zG.exe"=0x534143500100000000000000070000002800000000A603000000000001000000000000000000010671200000975FD891C99ECE0100000000000000000200000028000000000000000000001000020000000000000000000000000000B6060000000000000100000001000000
"C:\Program Files (x86)\Foxit PhantomPDF\Activation.exe"=0x53414350010000000000000007000000280000004032500012AE500001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B7830000000000000100000001000000
"C:\Users\Loïc\Downloads\JavaSetup8u60.exe"=0x534143500100000000000000070000002800000060EA08002156090001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000004DBA0200000000000100000001000000
"C:\Users\Loïc\Downloads\video-converter-studio.exe"=0x534143500100000000000000070000002800000070EC81017521820101000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003E46A500000000000100000001000000
"SIGN.IE=01BDA60 uTorrent.exe"=0x534143500100000000000000070000002800000060DA1B003C351C0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000100000000000000000000000000000000006830100000000000100000001000000
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"=0x5341435001000000000000000700000028000000284D0500AAA8050001000000000000000000000671020000975FD891C99ECE010000000100000000
"C:\Windows\WinSxS\wow64_microsoft-windows-wordpad_31bf3856ad364e35_6.3.9600.17415_none_291a1e6c7503b9b8\wordpad.exe"=0x5341435001000000000000000700000028000000000A42007EA4420001000000000000000000030671220000975FD891C99ECE010000000000000000
"C:\Users\Loïc\Downloads\ZedTV.exe"=0x53414350010000000000000007000000280000006157BE000000000001000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000490A4000000000000100000001000000
"C:\Program Files (x86)\ZedTV\zedtv.exe"=0x534143500100000000000000070000002800000000AA1200F4F5120001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BF7B6405000000000E0000000E000000
"C:\Program Files\mcafee.com\agent\mcupdate.exe"=0x5341435001000000000000000700000028000000B86D1C001E091D0001000000000000000000030600210000D5B3B31A57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000057090000000000000200000002000000
"C:\Users\Loïc\Documents\Microsoft office\Microsoft.Office.Famille.et.Etudiant.2007.+.Key.French.juubiss59\SETUP.EXE"=0x534143500100000000000000070000002800000030110700C7F8070001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000F75A0200000000000800000008000000
"C:\Users\Loïc\Documents\Microsoft office\Microsoft.Office.Famille.et.Etudiant.2007.+.Key.French.juubiss59\EXCEL.FR-FR\EXCELMUI.MSI"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500100000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000066110000000000000500000005000000
"C:\Users\Loïc\Documents\Microsoft office\Microsoft.Office.Famille.et.Etudiant.2007.+.Key.French.juubiss59\WORD.FR-FR\WORDMUI.MSI"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500100000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000094110000000000000200000002000000
"C:\Users\Loïc\Documents\Microsoft office\Microsoft.Office.Famille.et.Etudiant.2007.+.Key.French.juubiss59\HOMESTUDENTR.WW\OFFICE64WW.MSI"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500100000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000770E0000000000000100000001000000
"C:\Users\Loïc\Documents\Microsoft office\Microsoft.Office.Famille.et.Etudiant.2007.+.Key.French.juubiss59\OFFICE.FR-FR\OFFICEMUI.MSI"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500100000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000020120000000000000100000001000000
"C:\Users\Loïc\Documents\Microsoft office\Microsoft.Office.Famille.et.Etudiant.2007.+.Key.French.juubiss59\OFFICE64.FR-FR\OFFICE64MUI.MSI"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500100000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000320A0000000000000100000001000000
"C:\Users\Loïc\AppData\Local\Temp\SetupProPlusRetail.x86.fr-FR_ProPlusRetail_GW6J7-PXNRV-RDX9M-FFMFD-PYQ6X_act_1_.exe"=0x5341435001000000000000000700000028000000C0D60F008B50100001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003F460700000000000100000001000000
"C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE"=0x5341435001000000000000000700000028000000A0220F00A2CC0F0001000000000000000000030671200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003BEE0600000000000100000001000000
"C:\Program Files (x86)\Microsoft Office\Office12\MSPUB.EXE"=0x534143500100000000000000070000002800000030339200B086920001000000000000000000000671020000975FD891C99ECE010000000100000000
"C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE"=0x5341435001000000000000000700000028000000A0581D00D5621D0001000000000000000000010600010000975FD891C99ECE010000009000000000020000002800000000000000000000100000000000000000000000000000000015C27802000000001800000018000000
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\DesktopManager\x64\AsusDesktopMgr.exe"=0x534143500100000000000000070000002800000038C9030071BD040001000000000000000000020673020000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000F4570000000000000300000003000000
"SIGN.IE=016F480 SkypeSetup.exe"=0x534143500100000000000000070000002800000080F41600BAB6170001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000281D0100000000000100000001000000
"C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE"=0x5341435001000000000000000700000028000000A08688019A4A890101000000000000000000010600010000975FD891C99ECE0100000090000000000200000028000000000000000000001000000000000000000000000000000000FB9CEE02000000000100000001000000
"C:\Windows\System32\GfxUIEx.exe"=0x534143500100000000000000070000002800000090D906002846070001000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000002F1A0000000000000100000001000000
"C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe"=0x5341435001000000000000000700000028000000B8B02A00B68F2B0003000000000000000000010600010000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000084270200000000000100000001000000
"C:\Program Files\Microsoft Office 15\root\office15\perfboost.exe"=0x5341435001000000000000000700000028000000A8600100E405020001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000763D0000000000000100000001000000
"C:\Users\Loïc\Videos\[www.Cpasbien.pe] Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR\Office 2013 64 bit\setup.exe"=0x5341435001000000000000000700000028000000884603004F9D030001000000000000000000010600010000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000B4680500000000000200000002000000
"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\SETUP.EXE"=0x534143500100000000000000070000002800000030B50600FF1E070003000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E3F70200000000000200000002000000
"C:\Program Files\Microsoft Office\Office15\WINWORD.EXE"=0x5341435001000000000000000700000028000000685E1D0042AA1D0001000000000000000000010600010000BFA2139DEDD1D3010000009100000000
"C:\Program Files\Microsoft Office\Office15\POWERPNT.EXE"=0x534143500100000000000000070000002800000088321C00EA821C0001000000000000000000010600010000BFA2139DEDD1D3010000009100000000
"C:\Users\Loïc\AppData\Local\Popcorn Time\Uninstall.exe"=0x5341435001000000000000000700000028000000A4AB05008EED010003000000000000000000030600210000975FD891C99ECE01000000800000000002000000280000000000000000000000000000000000000000000000000000001F630000000000000100000001000000
"SIGN.IE=02E1E738 PopcornTime-latest.exe"=0x534143500100000000000000070000002800000038E7E1020000000001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F41B5900000000000100000001000000
"C:\Users\Loïc\Downloads\xmind-win-3.2.1.201011212218.exe"=0x53414350010000000000000007000000280000006AEB33030000000001000000000000000000000671000000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000026D02D00000000000100000001000000
"SIGN.IE=0F1250 ChromeSetup.exe"=0x534143500100000000000000070000002800000050120F00AD530F0001000000000000000000030600210000975FD891C99ECE010000000100000000
"C:\Users\Loïc\Downloads\GoProStudioPC-2-0-0-285.exe"=0x534143500100000000000000070000002800000070A70107DB19020701000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000004B737A06000000000100000001000000
"C:\Program Files (x86)\GoPro\Tools\GoPro Studio.exe"=0x534143500100000000000000070000002800000000026600C5366600010000000000000000000206F100000019B4C529E312D10100000000000000000200000028000000000000000000000000100000000000000000000000000000645A0A00000000000300000003000000
"C:\Users\Loïc\AppData\Local\Temp\IXP144.TMP\QuickTimeInstallerAdmin.exe"=0x534143500100000000000000070000002800000040390100EAE7010001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000BF720000000000000100000001000000
"C:\Program Files\Microsoft Office\Office15\EXCEL.EXE"=0x5341435001000000000000000700000028000000684AF501285EF50101000000000000000000010600010000BFA2139DEDD1D3010000009100000000
"C:\Program Files (x86)\XMind\xmind.exe"=0x534143500100000000000000070000002800000000E00000A9F6000001000000000000000000000671000000E63F486B2AA0D2010000000000000000020000002800000000000000000000000010000000000000000000000000000062EB4000000000000200000002000000
"C:\Users\Loïc\Downloads\WinCmapTools_v6.01.01_07-23-15.exe"=0x53414350010000000000000007000000280000002841EE05BC60EE0501000000000000000000020600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000008F0B0200000000000100000001000000
"C:\Program Files (x86)\IHMC CmapTools\bin\CmapTools.exe"=0x534143500100000000000000070000002800000000640800000000000100000000000000000002060001000019B4C529E312D101000000000000000002000000280000000000000000000000001000000000000000000000000000000CAD8204000000000700000007000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C03802000BA5020001000000000000000000000A0021000019B4C529E312D1010000000100000000
"C:\Program Files\Microsoft Office\Office15\MSOUC.EXE"=0x5341435001000000000000000700000028000000888A0900BF8C09000100000000000000000001067302000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B130000000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA0200D5D3020001000000000000000000000A0021000019B4C529E312D1010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000019B4C529E312D1010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C0AC02007050030001000000000000000000000A0021000019B4C529E312D1010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C0AC02007050030001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Users\Loïc\AppData\Local\Temp\Temp1_TADRecRenamer.zip\Setup.msi"=0x534143500100000000000000070000002800000000FE00009EC4010001000000000000000000010500100000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C9CE0000000000000100000001000000
"C:\Program Files (x86)\UnDeFeaT.com\Age3XRec Renamer\Age3XRecRenamer.exe"=0x53414350010000000000000007000000280000000060010000000000010000000000000000000006F5200000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000054C4C701000000000D0000000D000000
"C:\Users\Loïc\Downloads\googledrivesync.exe"=0x5341435001000000000000000700000028000000A04110008862100001000000000000000000000A0021000033504C2B57DFD101000000800000000002000000280000000000000000000000000000000000000000000000000000002BB40700000000000100000001000000
"C:\Users\Loïc\Downloads\ESOC Patch 2.0.0.5.exe"=0x5341435001000000000000000700000028000000BB1FE2000000000001000000000000000000000A0021000033504C2B57DFD10100000080000000000200000050000000000000000000000000000000000000000000000000000000878F08000000000001000000010000000000000000000040000000000000000000000000000000004D9A0300000000000100000000000000
"C:\Users\Loïc\AppData\Local\Temp\{f65db027-aff3-4070-886a-0d87064aabb1}\.be\vcredist_x86.exe"=0x5341435001000000000000000700000028000000380A0700F6FF07000100000000000000000003060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000007AC90000000000000200000002000000
"C:\Users\Loïc\Downloads\Microsoft Visual C%2B%2B 2013 %28x86%29 (2).exe"=0x5341435001000000000000000700000028000000303E6300BEF963000100000000000000000003060001000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000007CB90000000000000100000001000000
"C:\Users\Loïc\AppData\Local\Temp\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\.be\VC_redist.x86.exe"=0x5341435001000000000000000700000028000000F0170800C4D6080001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000004EB10000000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000E07E03004B44040001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Users\Loïc\AppData\Local\Temp\IXP311.TMP\SetupAdmin.exe"=0x5341435001000000000000000700000028000000480302001AE502000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000076240200000000000100000001000000
"C:\Users\Loïc\AppData\Local\Temp\IXP149.TMP\SetupAdmin.exe"=0x5341435001000000000000000700000028000000480302001AE502000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000000D4C0000000000000100000001000000
"C:\Program Files\iTunes\iTunes.exe"=0x5341435001000000000000000700000028000000387B2D005CD82D0001000000000000000000000A00210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000100000000000000000000000000000000080240000000000000400000004000000
"C:\Users\Loïc\Downloads\ScratchInstaller1.4.exe"=0x534143500100000000000000070000002800000097881002000000000100000000000000000000067100000033504C2B57DFD10100000000000000000200000028000000000000000008004000000000000000000000000000000000A2030500000000000100000001000000
"C:\Program Files (x86)\Scratch\Scratch.exe"=0x534143500100000000000000070000002800000000F40F00000000000100000000000000000000067120000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000E8BA6F00000000000300000003000000
"C:\Users\Loïc\Downloads\wrar540fr.exe"=0x5341435001000000000000000700000028000000A0941F00732C200001000000000000000000000A0021000033504C2B57DFD1010000008000000000020000002800000000000000000000400000000000000000000000000000000059760000000000000100000001000000
"C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000090E316006B2B170001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A590CD01000000001400000014000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D87E030025C1030001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Program Files (x86)\Plagiarisma.Net\plagiarisma.exe"=0x5341435001000000000000000700000028000000002E0A00626D0A0001000000000000000000000671020000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000200000000000000000000000000915D0000000000000300000003000000
"C:\Users\Loïc\Downloads\Scratch-453.exe"=0x5341435001000000000000000700000028000000A8EFB60311EEB70301000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000789F0100000000000100000001000000
"C:\Users\Loïc\AppData\Local\Temp\AIR3B8C.tmp\Install Scratch 2.exe"=0x5341435001000000000000000700000028000000B006020099F4020001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000042D91F00000000000100000001000000
"C:\Program Files (x86)\Scratch 2\Scratch 2.exe"=0x5341435001000000000000000700000028000000007E030098B5010001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000084986D00000000000800000008000000
"C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\setup.exe"=0x534143500100000000000000070000002800000058E31400D493150003000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000408F0000000000000100000001000000
"C:\Users\Loïc\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000A03B1100BAC0110001000000000000000000000A0021000033504C2B57DFD1010000008100000000
"C:\Users\Loïc\AppData\Local\Temp\GUM712F.tmp\GoogleUpdateSetup.exe"=0x5341435001000000000000000700000028000000A03B1100BAC0110001000000000000000000000A0021000033504C2B57DFD1010000008000000000020000002800000000000000000000400000000000000000000000000000000018520000000000000100000001000000
"C:\Users\Loïc\Downloads\ESOC Patch 2.0.0.6.exe"=0x53414350010000000000000007000000280000001AFBE2000000000001000000000000000000000A0021000033504C2B57DFD101000000800000000002000000280000000000000000000000000000000000000000000000000000007F3A0200000000000100000001000000
"C:\Users\Loïc\Downloads\ESOC Patch 2.0.0.8.exe"=0x53414350010000000000000007000000280000004FFFE2000000000001000000000000000000000A0021000033504C2B57DFD10100000080000000000200000028000000000000000000004000000000000000000000000000000000493C0100000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D88003007F30040001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe"=0x534143500100000000000000070000002800000000BCB900B1A4BA0001000000000000000000000A61200000E63F486B2AA0D2010000000000000000020000002800000000000000000000000800000000000000000000000000000084F0B300000000000500000005000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D88203009CF3030001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Windows\System32\UNPUXWorker.exe"=0x534143500100000000000000070000002800000060570100B8B0010001000000000000000000000A73220000D5B3B31A57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000002F000000000000000200000002000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000787C03003765040001000000000000000000000A00210000E63F486B2AA0D2010000000100000000
"C:\Users\Loïc\Downloads\mp68-win-mg3100-1_02-ea24.exe"=0x5341435001000000000000000700000028000000487ECB0194A0CB0101000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000008000004000000000000000000000000000000000DB840B00000000000100000001000000
"C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE"=0x534143500100000000000000070000002800000090020B00B5070B0001000000000000000000010600210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000021680000000000000100000001000000
"C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe"=0x5341435001000000000000000700000028000000A8C6010092BF020001000000000000000000010600210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000020200000000000000000000000000D02E0000000000000100000001000000
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe"=0x5341435001000000000000000700000028000000C83906008508070001000000000000000000010600210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000200000000000000000000000000009E0A0000000000000100000001000000
"C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series\DELDRV64.exe"=0x5341435001000000000000000700000028000000A01A0B007C390B0001000000000000000000010600210000E78E163C2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000DC750000000000000100000001000000
"C:\Program Files (x86)\IHMC CmapTools\UninstallerData\Change CmapTools Installation.exe"=0x5341435001000000000000000700000028000000006408000000000001000000000000000000020600010000E63F486B2AA0D201000000000000000002000000280000000000000000000040001000000000000000000000000000009E330100000000000100000001000000
"C:\Users\Loïc\Downloads\vlc-2.2.6-win32.exe"=0x53414350010000000000000007000000280000000845D8014E15D90101000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000DCCB0000000000000100000001000000
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000B0370200A843020001000000000000000000000600010000BFA2139DEDD1D30100000000000000000200000050000000000000000000001000000000000000000000000000000000EC34490D000000003D0000000100000000000000800000100000000000000000000000000000000023903905000000000700000000000000
"C:\Users\Loïc\Downloads\ActivInspireSuite v2.10.66827 fr setup.exe"=0x5341435001000000000000000700000028000000C0BE010AFE10020A01000000000000000000010600010000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000047E00800000000000100000001000000
"C:\Program Files (x86)\Activ Software\Inspire\Inspire.exe"=0x5341435001000000000000000700000028000000000A99007572990001000000000000000000000A71220000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000E2922900000000000200000002000000
"SIGN.MEDIA=53BB3B8 Setup.exe"=0x5341435001000000000000000700000028000000009A05000000000001000000000000000000020641200000E63F486B2AA0D201000000000000000002000000280000000000000000080040000000000000000000000000000000006A5D8E42000000000300000003000000
"C:\Program Files (x86)\Common Files\SNP2UVC\amcap.exe"=0x534143500100000000000000070000002800000038890100C4FF010001000000000000000000020671200000E63F486B2AA0D2010000000000000000020000002800000000000000000000000010000000000000000000000000000026630500000000001100000011000000
"C:\Users\Loïc\AppData\Local\Temp\Rar$EXa0.111\setup.exe"=0x5341435001000000000000000700000028000000B8040E008F3B0E0001000000000000000000010600210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000B1AB0000000000000100000001000000
"C:\Program Files (x86)\Scratch\uninstall.exe"=0x5341435001000000000000000700000028000000730201000000000003000000000000000000000671000000E63F486B2AA0D20100000000000000000200000028000000000000000008000000000000000000000000000000000000B5D40000000000000100000001000000
"C:\Program Files (x86)\GoPro\GoPro Studio\uninst.exe"=0x5341435001000000000000000700000028000000752F0200DB19020703000000000000000000010600010000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000067121200000000000100000001000000
"C:\Program Files (x86)\Noël Danjou\AMCap\amcap.exe"=0x534143500100000000000000070000002800000070790800B6C1080001000000000000000000010671220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000010000000000000000000000000000046C20000000000000100000001000000
"SIGN.MEDIA=1865548 SCIENCES_CM.exe"=0x53414350010000000000000007000000280000002B6428000000000001000000000000000000000671020000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000FEEB621E000000000700000007000000
"C:\Users\Loïc\Desktop\SCIENCES_CM.exe"=0x53414350010000000000000007000000280000002B6428000000000001000000000000000000000671020000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000004F8F0000000000000400000004000000
"C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE"=0x5341435001000000000000000700000028000000806C920151C7920101000000000000000000010600010000E78E163C2AA0D2010000009100000000
"SIGN.MEDIA=9400492 Lockv2.51.exe"=0x534143500100000000000000070000002800000000F216009501170001000000000000000000000A71220000E63F486B2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000003F0D0000000000000100000001000000
"C:\Program Files (x86)\Noël Danjou\AMCap\uninst.exe"=0x5341435001000000000000000700000028000000FCA602008F3B0E0003000000000000000000010600010000E63F486B2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000000C250000000000000100000001000000
"C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe"=0x5341435001000000000000000700000028000000D80507006BAF070003000000000000000000000671020000E63F486B2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000006A750100000000000100000001000000
"C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe"=0x534143500100000000000000070000002800000050673B00D7CD3B0001000000000000000000000A80210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000F36C0000000000000100000001000000
"C:\Program Files (x86)\Apowersoft\Video Converter Studio\unins000.exe"=0x5341435001000000000000000700000028000000D1EA18000000000003000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000016330000000000000100000001000000
"C:\Program Files (x86)\Plagiarisma.Net\unins000.exe"=0x5341435001000000000000000700000028000000E7BB17000000000003000000000000000000030600010000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000841E0000000000000100000001000000
"C:\Users\Loïc\Desktop\CM1 2017-2018\Sciences\matériaux et objets techniques\setupX2.exe"=0x5341435001000000000000000700000028000000E0A49A010000000001000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000019E80100000000000100000001000000
"C:\FreeStyler\FreeStylerX2.exe"=0x534143500100000000000000070000002800000000908F002261900001000000000000000000000A71200000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000075D80200000000000500000005000000
"C:\Users\Loïc\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\CDM21214_Setup.exe"=0x534143500100000000000000070000002800000018772000FE7E200001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000004A470000000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C80E0400AEA6040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.7074.1023\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C80E0400B6AD040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000
"SIGN.MEDIA=19B74 Start.exe"=0x534143500100000000000000070000002800000034C000000000000001000000000000000000010571200000E63F486B2AA0D20100000000000000000200000028000000000000000000000000040200000000000000000000000000427F0000000000000200000002000000
"SIGN.MEDIA=317E6368 START.exe"=0x5341435001000000000000000700000028000000092D2E000000000001000000000000000000010571200000E63F486B2AA0D2010000000000000000020000002800000000000000000000000004000000000000000000000000000083EDC304000000000200000002000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C80E040067ED040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000
"SIGN.MEDIA=4B789 start.exe"=0x5341435001000000000000000700000028000000342001000000000001000000000000000000010571200000E63F486B2AA0D201000000000000000005000000100000000000000000000000000000008000000002000000280000000000000080000000000020000000000000002000000000003D040200000000000100000001000000010000000400000001000000
"C:\Users\Loïc\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\mil3_setup.exe"=0x534143500100000000000000070000002800000056A58E030000000001000000000000000000000A41200000E63F486B2AA0D20100000000000000000200000028000000000000000008004000000000000000000000000000000000F5010300000000000100000001000000
"C:\Users\Loïc\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\mil2_setup.exe"=0x534143500100000000000000070000002800000072B940030000000001000000000000000000000A41200000E63F486B2AA0D20100000000000000000200000028000000000000000008004000000000000000000000000000000000695F0600000000000100000001000000
"C:\Users\Loïc\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\LECTRAMINI.exe"=0x53414350010000000000000007000000280000004FBD03010000000001000000000000000000010600010000E63F486B2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000001D2D0300000000000100000001000000
"C:\Program Files (x86)\LECTRAMINI ATTS\Atelier de Lecture.exe"=0x5341435001000000000000000700000028000000004000000000000001000000000000000000000A71200000E63F486B2AA0D2010000000000000000020000002800000000000000000000000400000000000000000000000000000092950800000000000200000002000000
"C:\educampa\1000Mots_V2\1000mots.exe"=0x53414350010000000000000007000000280000000090040078CB040001000000000000000000020671000000E63F486B2AA0D201000000000000000002000000280000000000000000000000001000000000000000000000000000008DCD6401000000000B0000000B000000
"C:\educampa\1000Mots_V3\1000Mots_V3.exe"=0x534143500100000000000000070000002800000000D00A005CDE0A0001000000000000000000000A71200000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000080D91200000000000400000004000000
"C:\Program Files (x86)\LECTRAMINI ATTS\Atelier d'Ecriture.exe"=0x5341435001000000000000000700000028000000004000000000000001000000000000000000000A71200000E63F486B2AA0D201000000000000000002000000280000000000000000000000040000000000000000000000000000000AFB0000000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C89C0300B381040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000
"C:\Users\Loïc\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe"=0x5341435001000000000000000700000028000000F0CCAD00F1F2AD0001000000000000000000020600010000E63F486B2AA0D20100000080000000000200000028000000000000000000004000000000000000000000000000000000764C0400000000000100000001000000
"C:\Users\Loïc\Downloads\FRST64 (1).exe"=0x5341435001000000000000000700000028000000008024000D11250001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000000824FF05000000000100000001000000
"C:\Users\Loïc\Downloads\ESOC Patch 4.1.0.0.exe"=0x5341435001000000000000000700000028000000CB7BFE000000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000047DE2800000000000100000001000000
"C:\Users\Loïc\AppData\Local\Temp\Rar$EXa0.785\setup.exe"=0x534143500100000000000000070000002800000000C005008A6E050001000000000000000000010571000000DB80FDAC2839D301000000000000000002000000280000000000000000080040000000000000000000000000000000007D7D0000000000000100000001000000
"C:\Program Files (x86)\Microsoft Games\Age of Empires III\unins000.exe"=0x5341435001000000000000000700000028000000A1FC0A000000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000050120000000000000100000001000000
"C:\Users\Loïc\Desktop\setup.exe"=0x534143500100000000000000070000002800000000C005008A6E050001000000000000000000010571000000DB80FDAC2839D301000000000000000005000000100000000000000000000000000000000008000002000000280000000000000000080040000000000000000000000000000000003D2A0000000000000200000002000000
"C:\Program Files (x86)\McAfee\SiteAdvisor\uninstall.exe"=0x5341435001000000000000000700000028000000F8B70B00C88B0C0003000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000092350100000000000100000001000000
"C:\Program Files\mcafee\msc\mcuihost.exe"=0x5341435001000000000000000700000028000000D8FC10003BF0110003000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000069AC0400000000000100000001000000
"C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe"=0x5341435001000000000000000700000028000000A06D04002D36050003000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B34D0000000000000100000001000000
"C:\educampa\1000Mots_V3\Desinstallation\unins000.exe"=0x5341435001000000000000000700000028000000F83901000000000003000000000000000000010541200000DB80FDAC2839D30100000000000000000200000028000000000000000008000000000000000000000000000000000000BC700000000000000100000001000000
"C:\educampa\1000Mots_V2\Desinstallation\unins000.exe"=0x5341435001000000000000000700000028000000F83901000000000003000000000000000000010541200000DB80FDAC2839D3010000000000000000020000002800000000000000000800000000000000000000000000000000000042650000000000000100000001000000
"C:\Users\Loïc\Downloads\adwcleaner_7.0.6.0.exe"=0x534143500100000000000000070000002800000020197D00CDE67D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000056AA0400000000000100000001000000
"C:\Users\Loïc\Downloads\mb3-setup-consumer-3.3.1.2183.exe"=0x5341435001000000000000000700000028000000B079AB04D695AB0401000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000DF230100000000000100000001000000
"C:\Users\Loïc\Downloads\ZHPCleaner-2017.exe"=0x5341435001000000000000000700000028000000005C2600B70C270001000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000008C091900000000000100000001000000
"C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe"=0x5341435001000000000000000700000028000000D09D0B00A80C0C0001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B6060000000000000100000001000000
"C:\Users\Loïc\Downloads\ESOC Patch 4.1.0.0 (1).exe"=0x5341435001000000000000000700000028000000CB7BFE000000000001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000007E7A0A00000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0A203006855040001000000000000000000000A71200000DB80FDAC2839D3010000000100000000
"C:\Users\Loïc\Downloads\UsbFix_2018.exe"=0x5341435001000000000000000700000028000000F0376C0073C26C0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000CB940400000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AC03001457040001000000000000000000000A71200000DB80FDAC2839D3010000000100000000
"C:\Program Files (x86)\UsbFix\UsbFix.exe"=0x5341435001000000000000000700000028000000407C1C00BF201D0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000060751A00000000000400000004000000
"C:\Users\Loïc\Desktop\FRST64.exe"=0x534143500100000000000000070000002800000000AE240060C1240001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000009C270A00000000000200000002000000
"C:\Users\Loïc\Downloads\uTorrent.exe"=0x5341435001000000000000000700000028000000A8782B00D5502C0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000BE495800000000000400000004000000
"C:\Users\Loïc\Videos\Age Of Empires 3 Incl Expansion and keys\Cracks\age3.exe"=0x53414350010000000000000007000000280000000070B4005A16950001000000000000000000000671020000DB80FDAC2839D30100000000000000000200000028000000000000001000001000000000000000000000000000000000C8250000000000000100000001000000
"C:\Users\Loïc\Desktop\PDFEditPortable\PDFEditPortable.exe"=0x534143500100000000000000070000002800000003E900000000000001000000000000000000000671220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000036075F00000000000C0000000C000000
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"=0x5341435001000000000000000700000028000000282473024F20740201000000000000000000000A61200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000757E4C00000000000400000004000000
"C:\Users\Loïc\Desktop\PDFEditPortable\App\PDFEdit\PDFEdit.exe"=0x534143500100000000000000070000002800000000ED44003CE4450001000000000000000000000671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E8EA0100000000000200000002000000
"SIGN.MEDIA=D5694A74 setup.exe"=0x5341435001000000000000000700000028000000C51459000000000001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000081A60A00000000000300000003000000
"C:\Games\Age of Empires Definitive Edition\AoEDE.exe"=0x534143500100000000000000070000002800000000B0A9000000000001000000000000000000000A73200000DB80FDAC2839D30100000000000000000200000050000000000000000000004000000000000000000000000000000000FF21000000000000010000000100000000000000000000000000000000000000000000000000000055330000000000000400000000000000
"C:\Games\Age of Empires Definitive Edition\unins000.exe"=0x5341435001000000000000000700000028000000DBEF17000000000001000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000200000000000000000000000000005A250000000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AE0300F24D040001000000000000000000000A71200000DB80FDAC2839D3010000000100000000
"C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3t.exe"=0x53414350010000000000000007000000280000000060B500CB69B50001000000000000000000000671020000DB80FDAC2839D30100000000000000000200000028000000000301053400006000000000000000000000000000000000FA000000000000000100000001000000
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C02007E0F030001000000010000000000000A61220000DB80FDAC2839D3010000000000000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.044.0301.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0BC0300204F040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300017A040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000
"C:\Users\Loïc\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\ReimageRepair.exe"=0x5341435001000000000000000700000028000000F03C0900DF52090001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000003FDF0B00000000000100000001000000
"C:\Program Files\Reimage\Reimage Repair\uninst.exe"=0x534143500100000000000000070000002800000048D80C004AC50D0003000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EA930200000000000100000001000000
"C:\Program Files (x86)\Epic Games\Launcher\Portal\SelfUpdateStaging\Install\Portal\Extras\Redist\LauncherPrereqSetup_x64.exe"=0x5341435001000000000000000700000028000000509AB200EA66B30001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000800000400000000000000000000000000000000025BF0100000000000100000001000000
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"=0x534143500100000000000000070000002800000090CFF40140D0F40101000000000000000000000A00210000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000800000000200000028000000000000008000004000000000000000000000000000000000A60E0000000000000100000001000000
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x534143500100000000000000070000002800000090852E00A1BB2E0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000800000000000000000000000000000000000000040C3C601000000000400000004000000
"C:\Program Files\windows nt\accessories\wordpad.exe"=0x5341435001000000000000000700000028000000008E44000FC6440001000000010000000000000A63220000BFA2139DEDD1D3010000000000000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A8E003002796040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\AppData\Local\Temp\7zS43517257\GenericSetup.exe"=0x5341435001000000000000000700000028000000F8520100F4B7010001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000A3801F00000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0F60300D140040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\Downloads\Setup_FileViewPro_2018.exe"=0x5341435001000000000000000700000028000000F09A1400BD84150001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000A88F0100000000000100000001000000
"C:\Program Files\FileViewPro\FileViewPro.exe"=0x5341435001000000000000000700000028000000E8EC08007A79090001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000296A2204000000000100000001000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A80204003EA4040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"SIGN.MEDIA=CB015C41 pourPC.exe"=0x53414350010000000000000007000000280000003726AB00ABDE050001000000000000000000020671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C629DB00000000000C0000000C000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.151.0729.0006\FileSyncConfig.exe"=0x534143500100000000000000070000002800000020F80300EE6C040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"=0x53414350010000000000000007000000280000006080A90186BFA90101000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.151.0729.0012\FileSyncConfig.exe"=0x534143500100000000000000070000002800000020F30300A795040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileSyncConfig.exe"=0x53414350010000000000000007000000280000006010040082C7040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Program Files\WindowsApps\NAVER.LINEwin8_5.11.1.0_x86__8ptj331gd3tyt\LINE.exe"=0x53414350010000000000000007000000280000006006C20073CEC20001000000000000000000000A71200000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000051DDC901000000000300000003000000
"C:\Program Files\WindowsApps\NAVER.LINEwin8_5.11.2.0_x86__8ptj331gd3tyt\LINE.exe"=0x534143500100000000000000070000002800000060A8C1000F90C20001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000456DC10B000000000900000009000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.192.0920.0015\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060340400A607050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Program Files\WindowsApps\NAVER.LINEwin8_5.11.3.0_x86__8ptj331gd3tyt\LINE.exe"=0x534143500100000000000000070000002800000060A6C100A1F7C10001000000000000000000000A71200000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000006CD8616000000000200000002000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\FileSyncConfig.exe"=0x53414350010000000000000007000000280000002031040026BC040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Program Files\WindowsApps\NAVER.LINEwin8_5.11.4.0_x86__8ptj331gd3tyt\LINE.exe"=0x534143500100000000000000070000002800000060D4C1000C76C20001000000000000000000000A71200000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002081E111000000000800000008000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\FileSyncConfig.exe"=0x534143500100000000000000070000002800000020570400F14C050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"SIGN.MEDIA=259BBA InstallNavi.exe"=0x5341435001000000000000000700000028000000F89B250034AF250001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F5A7A901000000000A0000000A000000
"C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe"=0x53414350010000000000000007000000280000001812050088F9050001000000000000000000000A71220000BFA2139DEDD1D301000000000000000005000000100000000000000000000000000000008000000002000000280000000000000080000000000000000000000000000000000000008DA57404000000000500000005000000
"C:\Program Files (x86)\epson\Epson Scan 2\Setup\setup.exe"=0x534143500100000000000000070000002800000020D81000E56F110003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000426C0100000000000100000001000000
"C:\Users\Loïc\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000B88C1A00DACC1A0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\18.240.1202.0004\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000386B0400903D050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\Downloads\hwmonitor_1.38.exe"=0x5341435001000000000000000700000028000000E0491300F089130001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000031D50700000000000100000001000000
"C:\Users\Loïc\Downloads\hwmonitor_1.39.exe"=0x5341435001000000000000000700000028000000C042130075C8130001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A3A30000000000000100000001000000
"C:\Program Files\CPUID\HWMonitor\HWMonitor.exe"=0x5341435001000000000000000700000028000000E01D250046FA250001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000085520000000000000100000001000000
"C:\Users\Loïc\Downloads\UsbFix_2019.exe"=0x534143500100000000000000070000002800000040D545007422460001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000000D600100000000000100000001000000
"C:\Users\Loïc\Downloads\ZHPDiag3 (1).exe"=0x534143500100000000000000070000002800000080CD3000C6D3300001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000380DB80104FEB80101000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000308104006ACC040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Loïc\Downloads\ZHPCleaner.exe"=0x5341435001000000000000000700000028000000807D32004D31330001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000
"C:\Users\Loïc\Downloads\FRST64.exe"=0x534143500100000000000000070000002800000000242500BE66250001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000110E0500000000000100000001000000
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000D0F79A00AF8E9B0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DA160200000000000100000001000000
"C:\Users\Loïc\Downloads\marmiton-install.exe"=0x5341435001000000000000000700000028000000D0E90B000000000001000000000000000000000671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FBA90000000000000200000002000000
"C:\MARMITON\MARMITON.EXE"=0x5341435001000000000000000700000028000000006001009AB2010001000000000000000000000A71200000BFA2139DEDD1D301000000000000000002000000500000000000000000000040000000000000000000000000000000006440000000000000010000000100000000000000000000000000000000000000000000000000000052A60000000000000400000000000000
"C:\FreeStyler\Art-Net to DMX.exe"=0x534143500100000000000000070000002800000000100B00F0A70B0001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F5A69702000000000100000001000000
"C:\Users\Loïc\Downloads\AdsFix.exe"=0x5341435001000000000000000700000028000000988557009139580001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000023290000000000000200000002000000
"C:\Users\Loïc\Desktop\AdsFix.exe"=0x5341435001000000000000000700000028000000988557009139580001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F9CF9B03000000000400000004000000
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000F00F1A004FD91A0001000000000000000000000A0021000067077CBAC54CD4010000000100000000
"C:\Users\Loïc\Desktop\application sécurité\AdsFix.exe"=0x5341435001000000000000000700000028000000988557009139580001000000000000000000000A00210000BFA2139DEDD1D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000002C250000000000000100000001000000
"C:\Users\Loïc\Downloads\Windows10Upgrade9252.exe"=0x5341435001000000000000000700000028000000F8915D0024105E0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000091934B03000000000100000001000000
"C:\Windows10Upgrade\Windows10UpgraderApp.exe"=0x534143500100000000000000070000002800000020D11D00AD4E1E0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000A30C0000000000000200000002000000
"C:\Windows\System32\igfxEM.exe"=0x5341435001000000000000000700000028000000E0690500AA9E050001000000000000000000000A7322000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000008956770B000000000100000001000000
"C:\Windows\System32\igfxHK.exe"=0x5341435001000000000000000700000028000000E0190400A52E040001000000000000000000000A7322000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000004754770B000000000100000001000000
"C:\Windows\System32\igfxTray.exe"=0x5341435001000000000000000700000028000000E021060036AB060001000000000000000000000A7322000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000000B51770B000000000100000001000000
"C:\Program Files\internet explorer\iexplore.exe"=0x5341435001000000000000000700000028000000509D0C0075FF0C0001000000010000000000000A0021000067077CBAC54CD4010000000000000000
"C:\Program Files (x86)\Microsoft Games\Age of Empires III\ESOCPatchLauncher.exe"=0x534143500100000000000000070000002800000000AA1C00BE8F1D0001000000000000000000000A7522000067077CBAC54CD401000000000000000002000000280000000000000000000040000000000000000000000000000000004C701100000000000200000002000000
"C:\Users\Loïc\Downloads\QuickDiag.exe"=0x534143500100000000000000070000002800000098394A00BB044B0001000000000000000000000A0021000067077CBAC54CD4010000000000000000


---------- | IFEO


---------- | Mountpoints2


---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=131953624670987684

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender
"ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100
"ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000
"DisableAntiSpyware"=0
"RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe
"ProductType"=2
"ManagedDefenderProductType"=0
"ProductStatus"=0
"InstallTime"=0xE8209B90F567D001
"DisableAntiVirus"=0
"OOBEInstallTime"=0xA781D5E647CBD401
"InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\
"LastEnabledTime"=0x0B6C62B82482D301
"BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

---------- | Winsock (Whitelist)

[HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] : AF_UNIX
[HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002] : AF_UNIX
[HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] : AF_UNIX
[HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002] : AF_UNIX

---------- | Hosts

127.0.0.1       localhost

---------- | Ping
La requ?te Ping n'a pas pu trouver l'h?te google.com. V?rifiez le nom et essayez ? nouveau.

---------- | @

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Internet Explorer\Main]
"Anchor Underline"=yes
"Disable Script Debugger"=yes
"DisableScriptDebuggerIE"=yes
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Save_Session_History_On_Exit"=no
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"UseClearType"=no
"XMLHTTP"=1
"Cache_Update_Frequency"=Once_Per_Session
"Local Page"=C:\Windows\system32\blank.htm
"NoUpdateCheck"=1
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://www.google.com/
"Default_Page_URL"=http://asus13.msn.com/?pc=ASJB
"DisableFirstRunCustomize"=3
"OperationalData"=13
"FullScreen"=no
"ImageStoreRandomFolder"=dbohfxb
"IE10RunOncePerInstallCompleted"=1
"IE10RunOnceCompletionTime"=0x9263A03C11CBD401
"CompatibilityFlags"=0
"Window_Placement"=0x2C00000002000000010000000083FFFF0083FFFFFFFFFFFFFFFFFFFF0B0200001A000000A205000038030000
"DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC0010000500000004004000030020000
"SuppressScriptDebuggerDialog"=0
"Use FormSuggest"=no
"AutoHide"=yes
"Move System Caret"=no
"PlaySounds"=0
"Expand Alt Text"=no
"UseSWRender"=0
"Enable AutoImageResize"=yes
"EnableAlternativeCodec"=yes
"Show image placeholders"=0
"GotoIntranetSiteForSingleWordEntry"=0
"UseThemes"=1
"Friendly http errors"=yes
"Error Dlg Displayed On Every Error"=no
"NotifyDownloadComplete"=yes
"NscSingleExpand"=0
"SmoothScroll"=1
"Isolation"=PMEM
"DOMStorage"=1
"Isolation64Bit"=0
"MixedContentBlockImages"=1
"ApplicationTileImmersiveActivation"=0
"AssociationActivationMode"=2
"EdgeSwitchingOSBuildNumber"=10586.th2_release.160906-1759
"SearchBandMigrationVersion"=1
"Start Page_TIMESTAMP"=0xEE3ED14F0F41D401
"SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000001A0000004B5550468AFECAF327295AC51B37907710E22B74239C30DA9C30020000000E0000004675757352727843455255253364

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"DisableCachingOfSSLPages"=0
"IE5_UA_Backup_Flag"=5.0
"PrivacyAdvanced"=1
"SecureProtocols"=2688
"CertificateRevocation"=1
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"ZonesSecurityUpgrade"=0x9263A03C11CBD401
"EmailName"=User@
"AutoConfigProxy"=wininet.dll
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges 
"WarnOnPost"=0x01000000
"UseSchannelDirectly"=0x01000000
"EnableHttp1_1"=1
"UrlEncoding"=0
"WarnonZoneCrossing"=0
"EnableNegotiate"=1
"MigrateProxy"=1
"ProxyEnable"=0
"DisableIDNPrompt"=0
"EnablePunycode"=1
"ShowPunycode"=0
"ProxyHttp1.1"=1
"EnableSPDY3_0"=1
"EnforceP3PValidity"=0
"WarnOnPostRedirect"=1
"WarnonBadCertRecving"=1
"LockDatabase"=131721594043094566

[HKLM\Software\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\System32\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"TabProcGrowth"=Medium
"DoNotTrack"=1

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1


---------- | Proxy


---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 


---------- | Execution FileExts












---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  GoogleDriveBlacklisted] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} --  C:\Program Files\Google\Drive\googledrivesync64.dll   [07/12/2018 03:37:32]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  GoogleDriveSynced] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} --  C:\Program Files\Google\Drive\googledrivesync64.dll   [07/12/2018 03:37:32]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  GoogleDriveSyncing] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} --  C:\Program Files\Google\Drive\googledrivesync64.dll   [07/12/2018 03:37:32]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} --  C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL   [01/10/2012 20:37:16]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} --  C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL   [01/10/2012 20:37:16]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} --  C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL   [01/10/2012 20:37:16]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B] - {6D4133E5-0742-4ADC-8A8C-9303440F7191} --  C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll   [26/06/2013 04:26:20]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O] - {64174815-8D98-4CE6-8646-4C039977D809} --  C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll   [26/06/2013 04:26:20]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U] - {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} --  C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll   [26/06/2013 04:26:20]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  C:\Windows\System32\EhStorShell.dll   [15/09/2018 08:28:50]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} --  C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL   [01/10/2012 20:38:12]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} --  C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL   [01/10/2012 20:38:12]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} --  C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL   [01/10/2012 20:38:12]

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   


---------- | Toolbar

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"ITBar7Layout"=0x13000000000000000000000020000000100000000000000001000000800600005E010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"KnownProvidersUpgradeTime"=0x9263A03C11CBD401   
"Version"=4   
"UpgradeTime"=0x55EBC3C14966D101   
"DefaultPackCorrection"=1   
"DefaultPackNTCorrection"=1   
"ShowSearchSuggestionsInAddressGlobal"=0   
"DownloadRetries"=3   
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


---------- | Extensions

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Cliquer pour appeler Lync) -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Cliquer pour appeler Lync) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) -       []

---------- | SearchScopes

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () -  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84EEFE7E-39B2-41C0-9F6B-693522C82884}] - (Google) - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB : 

---------- | ElevationPolicy

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6599A11C-52E7-4756-88A5-C6229B8B99AA}] - (C:\Program Files (x86)\Foxit PhantomPDF) - FoxitPhantomPDF.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] - (C:\Program Files\Microsoft Office\Office15) - winword.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03288CB3-3893-46D1-8D58-B2F8BB6FF5BF}] - (C:\Program Files\Microsoft Office\Office15) - MSACCESS.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0d92e0bf-7bdd-4068-b723-5090dd833ad4}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_YPRETBE.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_AR] - (C:\WINDOWS\system32\spool\drivers\x64\3) - cnmseAR.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] - (C:\Program Files\Microsoft Office\Office15) - excel.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FBAF6E6-C64B-49DB-AB1B-F93C607EBC71}] - (C:\Program Files\Microsoft Office\Office15\) - onenote.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{674287D8-FA5D-42c9-9DF0-014BE8F893FD}] - (%windir%\System32\GWX) - GWX.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72C8AC02-75E8-4444-9422-02FB7B43EC45}] - (C:\Program Files\Microsoft Office\Office15\) - lync.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8129df6b-c768-4002-b00d-8b42f2d5cd71}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_YARNTBE.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D13E03F-8289-4c15-A84F-7A8F655C830A}] - (C:\Program Files\Microsoft Office\Office15) - NAMECONTROLSERVER.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d759ee86-b04f-4203-b9c7-3114a69cb172}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_YJACTBE.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC6F}] - (c:\Program Files (x86)\McAfee\SiteAdvisor) - saUI.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD993BDC-06E0-4131-B889-DD3B9AEBE253}] - (C:\Program Files\Microsoft Office\Office15\) - IEContentService.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6A6CA96-B08E-4429-BA30-39232494F292}] - (C:\Program Files\Microsoft Office\Office15) - MSPUB.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7629763-7562-4d3a-8468-6CA5563852B2}] - (C:\Program Files\Microsoft Office\Office15) - INFOPATH.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88B53C-9B2A-1A25-5867-C8612E79DBF6}] - (C:\Program Files\Microsoft Office\Office15) - POWERPNT.EXE : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] - (C:\Program Files\Microsoft Office\Office15) - winword.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03288CB3-3893-46D1-8D58-B2F8BB6FF5BF}] - (C:\Program Files\Microsoft Office\Office15) - MSACCESS.EXE : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] - (C:\Program Files\Microsoft Office\Office15) - excel.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - () -  : C:\Program Files (x86)\Java\jre1.8.0_60\bin\wsdetect.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FBAF6E6-C64B-49DB-AB1B-F93C607EBC71}] - (C:\Program Files\Microsoft Office\Office15\) - onenote.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{674287D8-FA5D-42c9-9DF0-014BE8F893FD}] - (%windir%\Syswow64\GWX) - GWX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788}] - (C:\Program Files\Microsoft Office\Office15) - winproj.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72C8AC02-75E8-4444-9422-02FB7B43EC45}] - (C:\Program Files\Microsoft Office\Office15\) - lync.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D13E03F-8289-4c15-A84F-7A8F655C830A}] - (C:\Program Files\Microsoft Office\Office15) - NAMECONTROLSERVER.EXE : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Program Files (x86)\Google\Update\1.3.33.23) - GoogleUpdateBroker.exe : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Program Files (x86)\Google\Update\1.3.33.23) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC6F}] - (c:\Program Files (x86)\McAfee\SiteAdvisor) - saUI.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD993BDC-06E0-4131-B889-DD3B9AEBE253}] - (C:\Program Files\Microsoft Office\Office15\) - IEContentService.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6A6CA96-B08E-4429-BA30-39232494F292}] - (C:\Program Files\Microsoft Office\Office15) - MSPUB.EXE : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7629763-7562-4d3a-8468-6CA5563852B2}] - (C:\Program Files\Microsoft Office\Office15) - INFOPATH.EXE : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88B53C-9B2A-1A25-5867-C8612E79DBF6}] - (C:\Program Files\Microsoft Office\Office15) - POWERPNT.EXE : 

---------- | Ext\Settings

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{56A58823-AE99-11D5-B90B-0050DACD1F75}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{62B4D041-4667-40B6-BB50-4BC0A5043A73}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSSUPP.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1}] :  : C:\Windows\SysWOW64\ieframe.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{65303443-AD66-11D1-9D65-00C04FC30DF6}] :  : %SystemRoot%\system32\oleprn.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{65BCBEE4-7728-41A0-97BE-14E1CAE36AAE}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{760C4B83-E211-11D2-BF3E-00805FBE84A6}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}] :  : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\wtapp_PresenceDetector.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8075631E-5146-11D5-A672-00B0D022E945}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{884E2049-217D-11DA-B2A4-000E7BBB2B09}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{884E2051-217D-11DA-B2A4-000E7BBB2B09}] :  : %systemroot%\system32\CertEnroll.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88D96A05-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88D96A06-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88D96A07-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88D96A08-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88D96A0A-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8AD9C840-044E-11D1-B3E9-00805F499D93}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E4062D9-FE1B-4B9E-AA16-5E8EEF68F48E}] :  : C:\Windows\SysWOW64\RegCtrl.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9203C2CB-1DC1-482D-967E-597AFF270F0D}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSSUPP.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{92337A8C-E11D-11D0-BE48-00C04FC30DF6}] :  : %SystemRoot%\system32\oleprn.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9F9C4924-C3F3-4459-A396-9E9E0D8B83D1}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9FC132B-096D-460B-B7D5-1DB0FAE0C062}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] :  : C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE3E-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE3F-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE40-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE42-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE43-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE98-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSCLT.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE9E-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSCLT.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEB3-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEB4-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEB5-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEB7-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEB8-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEDA-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEDB-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEDC-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEDD-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEDE-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSCLT.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEE0-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEF2-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEF4-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADEF5-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSSUPP.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C3701884-B39B-11D1-9D68-00C04FC30DF6}] :  : %SystemRoot%\system32\oleprn.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9712B19-838B-45A5-ABF2-9A315DDDED50}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDEC13B2-0B3C-400E-B909-E27EE89C6799}] :  : C:\Program Files (x86)\Microsoft Office\Office15\STSCOPY.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] :  : C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2517915-48CE-4286-970F-921E881B8C5C}] :  : C:\Windows\SysWOW64\WindowsLiveLogin.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27CDB6E-AE6D-11CF-96B8-444553540000}] :  : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E01D1C6A-4F40-11D3-8958-00105A272DCF}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E543A17A-F212-49C0-B63D-BF09B460250E}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5}] :  : C:\Program Files (x86)\Common Files\Microsoft Shared\Portal\PortalConnectCore.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE09B103-97E0-11CF-978F-00A02463E06F}] :  : C:\Windows\SysWOW64\scrrun.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5078F32-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5078F33-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5078F34-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5078F35-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5078F36-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5078F39-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F6D90F14-9C73-11D3-B32E-00C04F990BB4}] :  : %SystemRoot%\System32\msxml3.dll

---------- | Ext\Stats

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0468C085-CA5B-11D0-AF08-00609797F0E0}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{12A66224-5E8A-4679-8941-0B9B960BF5EA}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}] :  : C:\Windows\SysWOW64\mshtml.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2CE45A33-7A0A-45F7-AC0C-107CD9DC191A}] :  : C:\Program Files (x86)\Foxit PhantomPDF\plugins\FoxitPhantomPDFBrowserAx.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3050F819-98B5-11CF-BB82-00AA00BDCE0B}] :  : C:\Windows\SysWOW64\mshtmled.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{56A58823-AE99-11D5-B90B-0050DACD1F75}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{62B4D041-4667-40B6-BB50-4BC0A5043A73}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSSUPP.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1}] :  : C:\Windows\SysWOW64\ieframe.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{65303443-AD66-11D1-9D65-00C04FC30DF6}] :  : %SystemRoot%\system32\oleprn.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{65BCBEE4-7728-41A0-97BE-14E1CAE36AAE}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] :  : %SystemRoot%\system32\wmp.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{760C4B83-E211-11D2-BF3E-00805FBE84A6}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}] :  : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\wtapp_PresenceDetector.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8075631E-5146-11D5-A672-00B0D022E945}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{884E2049-217D-11DA-B2A4-000E7BBB2B09}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{884E2051-217D-11DA-B2A4-000E7BBB2B09}] :  : %systemroot%\system32\CertEnroll.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] :  : C:\Windows\SysWOW64\ieframe.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A05-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A06-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A07-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A08-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A0A-F192-11D4-A65F-0040963251E5}] :  : C:\Windows\SysWOW64\msxml6.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8AD9C840-044E-11D1-B3E9-00805F499D93}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E4062D9-FE1B-4B9E-AA16-5E8EEF68F48E}] :  : C:\Windows\SysWOW64\RegCtrl.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9203C2CB-1DC1-482D-967E-597AFF270F0D}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSSUPP.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{92337A8C-E11D-11D0-BE48-00C04FC30DF6}] :  : %SystemRoot%\system32\oleprn.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9F9C4924-C3F3-4459-A396-9E9E0D8B83D1}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9FC132B-096D-460B-B7D5-1DB0FAE0C062}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] :  : C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE3E-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE3F-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE40-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE42-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE43-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE98-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSCLT.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE9E-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSCLT.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEB3-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEB4-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEB5-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEB7-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEB8-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEDA-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEDB-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEDC-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEDD-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEDE-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSCLT.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEE0-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEF2-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEF4-C265-11D0-BCED-00A0C90AB50F}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADEF5-C265-11D0-BCED-00A0C90AB50F}] :  : C:\Program Files (x86)\Microsoft Office\Office15\OWSSUPP.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3701884-B39B-11D1-9D68-00C04FC30DF6}] :  : %SystemRoot%\system32\oleprn.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9712B19-838B-45A5-ABF2-9A315DDDED50}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDEC13B2-0B3C-400E-B909-E27EE89C6799}] :  : C:\Program Files (x86)\Microsoft Office\Office15\STSCOPY.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] :  : C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2517915-48CE-4286-970F-921E881B8C5C}] :  : C:\Windows\SysWOW64\WindowsLiveLogin.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] :  : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E01D1C6A-4F40-11D3-8958-00105A272DCF}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E543A17A-F212-49C0-B63D-BF09B460250E}] :  : 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5}] :  : C:\Program Files (x86)\Common Files\Microsoft Shared\Portal\PortalConnectCore.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE09B103-97E0-11CF-978F-00A02463E06F}] :  : C:\Windows\SysWOW64\scrrun.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5078F32-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5078F33-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5078F34-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5078F35-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5078F36-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5078F39-C551-11D3-89B9-0000F81FE221}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F14-9C73-11D3-B32E-00C04F990BB4}] :  : %SystemRoot%\System32\msxml3.dll
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}] :  : %SystemRoot%\System32\msxml3.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{3C9CEE51-F166-462F-BD94-427F8C08323B}] :  : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\IntelWebAPIIPTActiveX.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] :  : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] :  : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll

---------- | Browser Helper Objects

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Lync Browser Helper) : C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll  [01/10/2012 20:38:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL  [01/10/2012 20:38:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> (Microsoft SkyDrive Pro Browser Helper) : C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL  [01/10/2012 20:38:12]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Lync Browser Helper) : C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll  [01/10/2012 20:38:12]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL  [01/10/2012 20:38:12]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> (Microsoft SkyDrive Pro Browser Helper) : C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL  [01/10/2012 20:38:12]

---------- | Chrome

C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom =  :     __MSG_description__ -    short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotificationsidlealarms] - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl =  :     Quickly access Skype for Web and Share on Skype through your browser -     Skype - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\Loïc\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm =  :     Provider for discovery and services for mirroring of Chrome Media Router -     Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]

---------- | Opera


---------- | Firefox


[HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 11.3.300.268 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll
[HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 11.3.300.268 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] - (Microsoft Lync Plug-in for Firefox) : C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App V2 Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll



---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=172.20.10.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3e26dbf7-1e8a-4dd4-806c-e8b8bda99b98}]
"DhcpNameServer"=192.168.1.202 8.8.8.8
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{b915f77c-3ada-4b5d-bcca-2425c97cd3e1}]
"DhcpNameServer"=172.20.10.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{f8735e10-c53b-455a-b069-892e1349dcdb}]
"DhcpNameServer"=172.20.10.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3e26dbf7-1e8a-4dd4-806c-e8b8bda99b98}]
"DhcpNameServer"=192.168.1.202 8.8.8.8
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b915f77c-3ada-4b5d-bcca-2425c97cd3e1}]
"DhcpNameServer"=172.20.10.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f8735e10-c53b-455a-b069-892e1349dcdb}]
"DhcpNameServer"=172.20.10.1

---------- | ActiveX 

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> 
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3FD00CDF-B5DA-3ADE-8F69-FDAB560C1496}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> U
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{04148301-E031-3661-9B24-32E6B792438D}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> 


---------- | Applications

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Users\Loïc\AppData\Roaming\uTorrent\uTorrent.exe" "%1" /SHELLASSOC
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L"
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | DCOMApplications

Name: Microsoft Excel Application - AppID: {00020812-0000-0000-C000-000000000046}
Name: Document Microsoft Word 97 - 2003 - AppID: {00020906-0000-0000-C000-000000000046}
Name: Microsoft Outlook - AppID: {0006F03A-0000-0000-C000-000000000046}
Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af}
Name: SkypeAgent - AppID: {006E2589-A587-40E1-B217-38236B0F519C}
Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68}
Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba}
Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3}
Name: InstallShield InstallDriver - AppID: {01BA3B96-2FE0-4BE0-B965-83ED78E1BB4E}
Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5}
Name: iCloudServices - AppID: {02e94c8e-8e99-4608-bef5-473823e91c50}
Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030}
Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd}
Name: InstallServiceUserBroker - AppID: {0450178e-e3ee-46d8-9130-c0b84f169f53}
Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B}
Name: NvCpl - AppID: {048F26EF-2F89-46C9-99E7-481E40F3F2EC}
Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B}
Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32}
Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23}
Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168}
Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299}
Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96}
Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B}
Name: McOobeSvc - AppID: {08F4B21B-105C-4D16-822E-223E9C5ED0FC}
Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A}
Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B}
Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3}
Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3}
Name: KnowlesAPOHDDll - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C}
Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94}
Name: MainController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1}
Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C}
Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de}
Name: IntelCpHeciSvc - AppID: {11AC3232-E7D7-49CD-ABFE-501700100B3A}
Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E}
Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666}
Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80}
Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0}
Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B}
Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}
Name: RuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402}
Name: ExternalApplication Class - AppID: {1673EE5D-D576-4945-927D-920AFA24166D}
Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}
Name: AppleSoftwareUpdateAdmin - AppID: {16D99191-6280-4B33-A2F5-04805A0FC582}
Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A}
Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31}
Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}
Name: SimpleAES64 - AppID: {1A7585D3-CDB0-4AB6-AEA5-E85B15A100E8}
Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC}
Name: PerceptionSimulation - AppID: {1B162A5B-B67A-4468-9613-C3F9765B353B}
Name: DebugTargetAdapters Class - AppID: {1b7778f3-fe54-443c-8729-1e78b0715299}
Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6}
Name: Office Licensing COM Server 15 - AppID: {1E886174-DC88-4B83-8BC5-66409EC75F15}
Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c}
Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}
Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2}
Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7}
Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717}
Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526}
Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137}
Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829}
Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97}
Name: DTSLimiterDLL - AppID: {24E79C19-1F52-43CC-8684-BFA13340E72C}
Name: IpodService - AppID: {250DD19F-6E7F-4BA3-9E1B-69E6CDC52F30}
Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A}
Name: OCComSDK - AppID: {257AE6D8-A9F3-4113-9AA8-5EED67D44267}
Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29}
Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF}
Name: DTSVoiceClarityDLL - AppID: {272EFD2A-90BE-4E48-8557-3D9CEA0530A0}
Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E}
Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69}
Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32}
Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E}
Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A}
Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00}
Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78}
Name: TosEAEAPODLL - AppID: {2A3C3DC0-7618-49FF-93E3-6481ACDDF2F2}
Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A}
Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5}
Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37}
Name: ConvertToPDFShellExtension - AppID: {2EAE6086-084B-4C42-B2CA-B30549B3D047}
Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF}
Name: WaaSMedicSvc - AppID: {2ED83BAA-B2FD-43B1-99BF-E6149C622692}
Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C}
Name: ImmersiveShellBrokers - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD}
Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5}
Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7}
Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606}
Name: ICCProxy - AppID: {3163A299-B985-4140-A820-57D8351EFCA1}
Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97}
Name: UiaManagerCrossMachineProxyAppId - AppID: {31b965c2-d4a3-4d8e-ac40-a76d466cd0b7}
Name: Delivery Optimization User - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B}
Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F}
Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90}
Name: TrayAppIdentityResolver - AppID: {35BC523D-8BE9-496E-8257-026E8B4750FC}
Name: CoreDpusSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040}
Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d}
Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB}
Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893}
Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C}
Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2}
Name: AGFNEX - AppID: {38EEE340-690E-43A2-B086-95C66F96A19F}
Name: MiracastTestRemoteCommandSender - AppID: {39214908-5362-44b4-97f4-1aa724d3e0da}
Name: GamesAppService - AppID: {394447FA-A1B8-4E2D-8677-3441FD66C004}
Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6}
Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1}
Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995}
Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F}
Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e}
Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683}
Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25}
Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c}
Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91}
Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E}
Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC}
Name: Core Shell Broker Provider - AppID: {41928E27-7275-491C-A5A1-4FDC791BF609}
Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61}
Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8}
Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775}
Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85}
Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9}
Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29}
Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C}
Name: NvXDSyncPlugin - AppID: {4680B596-CF8C-44E1-A676-4AAA819E041F}
Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E}
Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849}
Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B}
Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077}
Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92}
Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}
Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB}
Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d}
Name: IndexedDbCacheServer - AppID: {49f6e667-6658-4bd1-9de9-6af87f9faf85}
Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17}
Name: CSISYNCCLIENT.EXE - AppID: {4B417484-ABFF-4C70-8C2F-5A729026263C}
Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}
Name: DDPA32 - AppID: {4CBB9627-E758-489D-AE4E-A2BAFE0788F2}
Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC}
Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94}
Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345}
Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B}
Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630}
Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25}
Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}
Name: iTunesAdmin - AppID: {5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}
Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601}
Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1}
Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}
Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5}
Name: Microsoft TEC Server - AppID: {52A0704B-CD41-4B75-A49F-A47322B23773}
Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B}
Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B}
Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C}
Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660}
Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E}
Name: LMS - AppID: {545C8D56-7A88-492D-B38D-559657A3DD4C}
Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b}
Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA}
Name: MeetingJoinAxOC - AppID: {561C57B5-CC32-438F-A667-860E43345537}
Name: Bonjour - AppID: {56608F9C-223B-4CB6-813D-85EDCCADFB4B}
Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF}
Name: WT - AppID: {568C34F6-73E1-4F3E-ADAE-FF34A076294C}
Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B}
Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212}
Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC}
Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2}
Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61}
Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}
Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6}
Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}
Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0}
Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1}
Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF}
Name: MSSHED - AppID: {5F6C4077-12F5-11D3-8CEE-005004838434}
Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25}
Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1}
Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D}
Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327}
Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2}
Name: CoreShellHost - AppID: {64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}
Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E}
Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}
Name: DTSNeoPCDLL - AppID: {68976842-77A6-447F-83E8-97DF7A83A970}
Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30}
Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8}
Name: SoftwareUpdateApp - AppID: {6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8}
Name: PDFPreviewHandlerHost - AppID: {6B127CFD-C642-4338-BC8C-472DF61E5A14}
Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}
Name: Watson subscriber for SENS Network Events - AppID: {6CF90891-3E04-4092-B96C-28E071EEEACB}
Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b}
Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56}
Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56}
Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}
Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D}
Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce}
Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}
Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca}
Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8}
Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5}
Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23}
Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e}
Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC}
Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD}
Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}
Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED}
Name: NAHIMICV2SettingsIPC - AppID: {76d57399-2584-44b9-a6a8-9dd7022fb85e}
Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950}
Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070}
Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251}
Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100}
Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d}
Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7}
Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829}
Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7}
Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32}
Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6}
Name: EEA64A - AppID: {7D5D40EC-DCAF-4858-B7DC-9BA70C8B7C39}
Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB}
Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715}
Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887}
Name: DTSBassEnhancementDLL - AppID: {7E70FA0D-5DFA-4BA6-98C6-F10BBAAF7410}
Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611}
Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034}
Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629}
Name: CnxtDSPdll - AppID: {81D6AA8D-5401-4EE7-A7A2-95133649C977}
Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B}
Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F}
Name: APSDaemon - AppID: {85187E17-383D-4EC5-B8D6-D9466EE3DD92}
Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850}
Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE}
Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}
Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}
Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24}
Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED}
Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854}
Name: TosASFAPODLL - AppID: {8C2856EC-F5FE-4FEA-BA6E-22AC88ED79F2}
Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB}
Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee}
Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}
Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C}
Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2}
Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb}
Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444}
Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db}
Name: Application Microsoft PowerPoint - AppID: {91493441-5A91-11CF-8700-00AA0060263B}
Name: DTSSymmetryDLL - AppID: {91953DA9-4AB8-473A-BF6D-462FA2E58025}
Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F}
Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F}
Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60}
Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139}
Name: Wwan Service Toast Notification - AppID: {941C53C2-D2D7-4C74-84EA-28F8F6438D4B}
Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410}
Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74}
Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B}
Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f}
Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60}
Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE}
Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7}
Name: Bluetooth User Service - AppID: {9980CAAB-B154-408C-B5FD-29A701E40825}
Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Name: NVXDPlcy - AppID: {9C5791C4-BCD3-48B8-A10D-CA0279320836}
Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276}
Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}
Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030}
Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D}
Name: TosSAEMAXAPODLL - AppID: {9EE3B75C-74C4-4CCB-9BB2-BF5CA444C1A6}
Name: CDP Reference Host - AppID: {A0316E2D-8793-4E74-AA48-8CE2ED05BA57}
Name: contextmenu - AppID: {A0E45FE6-E6DD-444D-8ACC-577D8F0C14F8}
Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15}
Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe}
Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3}
Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d}
Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357}
Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6}
Name: Nv3DAppShExt - AppID: {A4CF1DBB-664A-4600-9CE3-96FBAA344504}
Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C}
Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24}
Name: DTSBoostDLL - AppID: {A5900CCC-3E28-4F96-8410-C43BF113C279}
Name: Core Shell Service Provider - AppID: {A67168DB-418E-4087-B63E-852E822BB1ED}
Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121}
Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0}
Name: updaterActiveX - AppID: {A75E0259-1AE1-4046-A5CA-27B2A0DAA8A6}
Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}
Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50}
Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D}
Name: Core Shell LPAC Broker Provider - AppID: {A7E84C44-F0C0-44F9-A4F2-68B5EA50B200}
Name: SwapAPODll - AppID: {A85F41D6-156B-470D-B505-110388968D5A}
Name: Delivery Optimization Managment - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}
Name: Core Shell COM Server Registrar - AppID: {AA8F1F23-D819-4E95-9B36-7FD68D5218F9}
Name: saUI - AppID: {AAA2C159-2F8C-4BE0-A292-79441900CC03}
Name: TepeqAPODll - AppID: {AAA42638-53A8-4D94-95FC-52ED115A58B4}
Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C}
Name: QuietHours App ID - AppID: {AB7BDC53-0BB5-44F5-9E25-C444313D4686}
Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22}
Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}
Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94}
Name: McAMTaskAgent - AppID: {ABCD3CC8-8490-4E62-9550-48F21329C885}
Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}
Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}
Name: Microsoft Volumetric Audio Compositor - AppID: {AD829705-CCA8-44D4-88E0-331E48336059}
Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}
Name: EEG64A - AppID: {ADC304B3-E91E-42dd-A72B-FE15B5E2C3BF}
Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871}
Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1}
Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA}
Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1}
Name: WXPNSE - AppID: {B28AA736-876B-46DA-B3A8-84C5E30BA492}
Name: WpcMonSvc - AppID: {B34F88D1-F26B-42D5-8DD5-A442303A05D7}
Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492}
Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E}
Name: DTSGainCompensatorDLL - AppID: {B3D43A87-E6C7-4EC8-8546-CEB9EE9BD936}
Name: AsusWSShellExt64 - AppID: {B632FD83-2E6D-4F19-B8A4-1DDA6DBE1384}
Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C}
Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599}
Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A}
Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2}
Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D}
Name: NVXDApiX - AppID: {B92B577B-628A-442B-A017-E86FB518C6FD}
Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755}
Name: Bluetooth AVCTP Service - AppID: {B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}
Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287}
Name: DTSS2HeadphoneDLL - AppID: {BA291C7C-39AC-4331-9592-B694DA24BC89}
Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4}
Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70}
Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}
Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145}
Name: LxpSvc - AppID: {BCE82FB7-43F4-4827-A503-69E561667293}
Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}
Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41}
Name: FoxitPrevHndlr - AppID: {BD5BDF7D-9849-4FEF-AC02-28EE2E7C7C46}
Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b}
Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D}
Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880}
Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF}
Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593}
Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6}
Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412}
Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47}
Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF}
Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1}
Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E}
Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444}
Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D}
Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}
Name: NvXDCore - AppID: {C5EDFC9D-B018-41A4-9877-39AB18469C3A}
Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5}
Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F}
Name: InstallShield InstallDriver - AppID: {C8449F19-89E4-4D7C-80E6-845874CB936E}
Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8}
Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9}
Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81}
Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D}
Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C}
Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}
Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F}
Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad}
Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B}
Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F}
Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF}
Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF}
Name: GraphicsPerfSvc - AppID: {cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}
Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933}
Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}
Name: ShadowPlay Server - AppID: {CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03}
Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395}
Name: DTSS2SpeakerDLL - AppID: {CF3C79C7-8096-4BF2-9684-9F6B832FAC23}
Name: SwapAPODll - AppID: {CF85F74A-E465-4fb6-898F-8F72C2B84D8E}
Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7}
Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5}
Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937}
Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652}
Name: GattI - AppID: {D5886840-05EE-42E4-B5FD-784B3B2F44B9}
Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30}
Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03}
Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}
Name: Microsoft.Live.FolderShare.Client - AppID: {daa6bc26-4dfa-4e8f-8d5f-47202dc8e400}
Name: TADEFxApo - AppID: {DB3D3052-9F00-4300-9285-91E27275BD34}
Name: IndexedDbBrokerServer - AppID: {dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}
Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}
Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a}
Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44}
Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5}
Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F}
Name: FoxitThumbnailHndlr - AppID: {E1084781-9CA9-42EF-AC67-140D37CCD97E}
Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E}
Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258}
Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212}
Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB}
Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7}
Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F}
Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5}
Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A}
Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9}
Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886}
Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5}
Name: BtContextMenu - AppID: {E830FFE5-20B2-4797-AF1F-2303B875CD00}
Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90}
Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4}
Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A}
Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB}
Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB}
Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}
Name: GamesAppIntegrationService - AppID: {EA593FF1-B802-4689-86E9-EA3A4FBABFAC}
Name: Convert VHD - AppID: {eae61b75-98d8-4af9-94e6-84b1c6f77c8a}
Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A}
Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A}
Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A}
Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58}
Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147}
Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7}
Name: MixedRealityCapture - AppID: {EE3C7093-A852-49BA-8AC8-7DFBEC469F72}
Name: CloudExperienceHostAppManager - AppID: {EEABBBC4-12D0-48F4-A9C5-9AB471806C29}
Name: NVXDBat - AppID: {EF73A51A-EE4A-4E16-9D3A-649245C8F44F}
Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522}
Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}
Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09}
Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7}
Name: TTSObj - AppID: {F29A07DB-9775-46B7-A7DD-94C440145B52}
Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}
Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}
Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A}
Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248}
Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717}
Name: IDriverT - AppID: {F58088EA-D0B0-421F-A1FE-3CF5898051D6}
Name: ActivatableApplicationRegistrar - AppID: {f59bbec1-0907-4464-b04d-1da329585370}
Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9}
Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8}
Name: Account Manager Service - AppID: {f7f34f79-6791-4d4e-9f15-9eaecd50bd78}
Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a}
Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E}
Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996}
Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}
Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Name: iTunes - AppID: {F98206B5-F052-4965-9FA0-85F61BC3C19D}
Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333}
Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E}
Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb}
Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160}
Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}
Name: EEL64A - AppID: {FCA1E26B-AE4B-45a0-B7C8-34A007E79C3A}
Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9}
Name: ICEsoundAPODll - AppID: {FD4B6EB8-6A1F-4C1E-AAF4-01AD4A7F7C8D}
Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00}
Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C}
Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}
Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744}

Win32_DCOMApplication.AppID="{00020812-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{00020812-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{00020812-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-12"
Win32_DCOMApplication.AppID="{00020812-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{00020812-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{00020906-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{00020906-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{00020906-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-12"
Win32_DCOMApplication.AppID="{00020906-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{00020906-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0006F03A-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{0006F03A-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0006F03A-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-12"
Win32_DCOMApplication.AppID="{0006F03A-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0006F03A-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{16D99191-6280-4B33-A2F5-04805A0FC582}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{16D99191-6280-4B33-A2F5-04805A0FC582}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F15}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F15}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F15}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F15}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628"
Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{37B05236-FFB5-4D42-B0C8-4A36CBF1BE15}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{37B05236-FFB5-4D42-B0C8-4A36CBF1BE15}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{91493441-5A91-11CF-8700-00AA0060263B}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{91493441-5A91-11CF-8700-00AA0060263B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{91493441-5A91-11CF-8700-00AA0060263B}" - Win32_SID.SID="S-1-5-12"
Win32_DCOMApplication.AppID="{91493441-5A91-11CF-8700-00AA0060263B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{91493441-5A91-11CF-8700-00AA0060263B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-3859068477-1314311106-1651661491-1685393560"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450"
Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-80-2586557155-168560303-1373426920-983201488-1499765686"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A0316E2D-8793-4E74-AA48-8CE2ED05BA57}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-3167453650-624722384-889205278-321484983-714554697-3592933102-807660695-1632717421"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586"
Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348"
Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708"
Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-3246321066-2451215914-3422911474-2201726393-166328789"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628"
Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464"
Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
LSM
BrokerInfrastructure
PlugPlay
DcomLaunch
SystemEventsBroker
DeviceInstall
"rdxgroup"=RetailDemo
"Camera"=FrameS
"LocalServiceNoNetworkFirewall"=BFE
mpssvc
"diagnostics"=DiagSvc
"PrintWorkflow"=PrintWorkflowUserSvc
"wusvcs"=WaaSMedicSvc
"BcastDVRUserService"=BcastDVRUserService
"GraphicsPerfSvcGroup"=GraphicsPerfSvc
"ClipboardSvcGroup"=cbdhsvc
"BthAppGroup"=BluetoothUserService
"smbsvcs"=lanmanserver
"DevicesFlow"=DevicesFlowUserSvc
ConsentUxUserSvc
DevicePickerUserSvc

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=DcomLaunch
DeviceInstall
"PrintWorkflow"=PrintWorkflowUserSvc
"smbsvcs"=lanmanserver


---------- | SvcHost - Netsvcs (Whitelist)


---------- | Software

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Apowersoft]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\AppDataLow]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Apple Computer, Inc.]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Apple Inc.]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\ASUS]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Atheros]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\BitTorrent]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Canon]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Chromium]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\CineForm]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Clients]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\ECAREME]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\ElAmigos]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Epic Games]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\EPSON]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\EPSON Software Updater]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Foxit Software]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Foxit Software Company]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Garmin]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Google]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\GoPro]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\IM Providers]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Intel]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\JavaSoft]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Local AppWizard-Generated Applications]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Macromedia]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Malwarebytes]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Marmiton]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\MatchWare]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Mine]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\MozillaPlugins]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Netscape]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\NVIDIA Corporation]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\ODBC]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Policies]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\QtProject]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Realtek]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\RegisteredApplications]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\SkyLine]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Skype]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\sysinternals]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\TechSmith]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Trolltech]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\VB and VBA Program Settings]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\WinRAR]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\WinRAR SFX]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Wintertree]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Wow6432Node]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\ZHP]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\AppDataLow\Software\Adobe]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\AppDataLow\Software\JavaSoft]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\AssignedAccessConfiguration]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows\Winlogon]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\AdsFix]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ASUS]
[HKLM\Software\Atheros]
[HKLM\Software\Canon]
[HKLM\Software\Clients]
[HKLM\Software\CPUID]
[HKLM\Software\DefaultUserEnvironment]
[HKLM\Software\Dolby]
[HKLM\Software\DTS]
[HKLM\Software\ECAREME]
[HKLM\Software\EPSON]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\Google]
[HKLM\Software\ICEpower]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Nahimic]
[HKLM\Software\Nuance]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Partner]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RTLSetup]
[HKLM\Software\SonicFocus]
[HKLM\Software\SRS Labs]
[HKLM\Software\Synaptics]
[HKLM\Software\sysinternals]
[HKLM\Software\Waves Audio]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Yamaha APO]
[HKLM\Software\Microsoft\Windows\ClickNote]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\Dwm]
[HKLM\Software\Microsoft\Windows\DynamicManagement]
[HKLM\Software\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\Microsoft\Windows\Heat]
[HKLM\Software\Microsoft\Windows\Help]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Shell]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\UpdateApi]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AGEIA Technologies]
[HKLM\Software\WOW6432Node\Apple Inc.]
[HKLM\Software\WOW6432Node\ASIO]
[HKLM\Software\WOW6432Node\AsLdr]
[HKLM\Software\WOW6432Node\ASUS]
[HKLM\Software\WOW6432Node\Atheros]
[HKLM\Software\WOW6432Node\Canon]
[HKLM\Software\WOW6432Node\EasyAntiCheat]
[HKLM\Software\WOW6432Node\ECAREME]
[HKLM\Software\WOW6432Node\Electronic Arts]
[HKLM\Software\WOW6432Node\Epic Games]
[HKLM\Software\WOW6432Node\EpicGames]
[HKLM\Software\WOW6432Node\EPSON]
[HKLM\Software\WOW6432Node\Foxit Software]
[HKLM\Software\WOW6432Node\Garmin]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\GoPro]
[HKLM\Software\WOW6432Node\ICEpower]
[HKLM\Software\WOW6432Node\IM Providers]
[HKLM\Software\WOW6432Node\InstallShield]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\JreMetrics]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\L&H]
[HKLM\Software\WOW6432Node\Link Data Security]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Nuance]
[HKLM\Software\WOW6432Node\NVIDIA Corporation]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\PocketSoft]
[HKLM\Software\WOW6432Node\PowerPivot]
[HKLM\Software\WOW6432Node\Qualcomm Atheros]
[HKLM\Software\WOW6432Node\Realtek]
[HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\WOW6432Node\SEIKO EPSON Corp.]
[HKLM\Software\WOW6432Node\Skype]
[HKLM\Software\WOW6432Node\SRS Labs]
[HKLM\Software\WOW6432Node\SuppHelpDir]
[HKLM\Software\WOW6432Node\VideoLAN]
[HKLM\Software\WOW6432Node\Voice]
[HKLM\Software\WOW6432Node\Volatile]
[HKLM\Software\WOW6432Node\WildTangent]
[HKLM\Software\WOW6432Node\WinRAR]
[HKLM\Software\WOW6432Node\WOW6432Node]
[HKLM\Software\WOW6432Node\XMind]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm]
[HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Heat]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]

---------- | FeatureControl

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"googledrivesync.exe"="9999"
"GOOGLE~1.EXE"="9999"
"OneDrive.exe"="11000"
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOMAIN_REDIRECT_MITIGATION]
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"iexplore.exe"="1"
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE]
"clview.exe"="0"
[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL]
"WindowsAnytimeUpgradeUI.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"infopath.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]
"HelpPane.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"HelpPane.exe"="10000"
"prevhost.exe"="8000"
"UNPUXHost.exe"="11000"
"googledrivesync.exe"="8000"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"SAPfewgsrv.exe"="0"
"SAPGUI.exe"="0"
"SAPGuiIT.exe"="0"
"SAPLgPad.exe"="0"
"SAPLOGON.exe"="0"
"Scale_for_R3.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]
"ieuser.exe"="1"
"iexplore.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
"YahooMusicEngine.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]
"HelpPane.exe"="100000"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]
"devenv.exe"="1"
"dexplore.exe"="1"
"helppane.exe"="1"
"PresentationHost.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]
"msfeedssync.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]
""=""
"msiexec.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]
"cs.exe"="1"
"waol.exe"="1"
"wm.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]
"iexplore.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]
"helppane.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]
"wlmail.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]
"explorer.exe"="4"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]
"explorer.exe"="2"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MEMPROTECT_MODE]
"*"="3"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]
"mshta.exe"="1"
"outlook.exe"="1"
"sidebar.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
"explorer.exe"="0"
"iexplore.exe"="0"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]
"communicator.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"msimn.exe"="1"
"prevhost.exe"="1"
"winmail.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]
"HelpPane.exe"="0"
"prevhost.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]
"msimn.exe"="1"
"outlook.exe"="1"
"winmail.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
"excel.exe"="1"
"infopath.exe"="1"
"powerpnt.exe"="1"
"winword.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]
"HelpPane.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
"msn.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]
"iexplore.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
"explorer.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSE.EXE"="1"
"EQNEDT32.EXE"="1"
"Setup.exe"="1"
"ODeploy.exe"="1"
"Oarpmany.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"FLTLDR.EXE"="1"
"MSOSQM.EXE"="1"
"MSOICONS.EXE"="1"
"CMigrate.exe"="1"
"protocolhandler.exe"="1"
"CSISYNCCLIENT.EXE"="1"
"CLVIEW.EXE"="1"
"NAMECONTROLSERVER.EXE"="1"
"VSTOInstaller.exe"="1"
"DW20.EXE"="1"
"DWTRIG20.EXE"="1"
"MSOHTMED.EXE"="1"
"MSOXMLED.EXE"="1"
"msotd.exe"="1"
"msoev.exe"="1"
"msoia.exe"="1"
"MSOSYNC.EXE"="1"
"MSOUC.EXE"="1"
"OLicenseHeartbeat.exe"="1"
"FIRSTRUN.EXE"="1"
"SELFCERT.EXE"="1"
"SETLANG.EXE"="1"
"GRAPH.EXE"="1"
"MSQRY32.EXE"="1"
"SmartTagInstall.exe"="1"
"SQLDumper.exe"="1"
"EXCEL.EXE"="1"
"XLICONS.EXE"="1"
"INFOPATH.EXE"="1"
"GROOVE.EXE"="1"
"AppSharingHookController64.exe"="1"
"lync.exe"="1"
"OcPubMgr.exe"="1"
"UcMapi.exe"="1"
"lynchtmlconv.exe"="1"
"ONENOTE.EXE"="1"
"IEContentService.exe"="1"
"ONENOTEM.EXE"="1"
"OUTLOOK.EXE"="1"
"SCANPST.EXE"="1"
"CNFNOT32.EXE"="1"
"excelcnv.exe"="1"
"Wordconv.exe"="1"
"POWERPNT.EXE"="1"
"PPTICO.EXE"="1"
"misc.exe"="1"
"MSPUB.EXE"="1"
"PDFREFLOW.EXE"="1"
"WINWORD.EXE"="1"
"WORDICON.EXE"="1"
"VPREVIEW.EXE"="1"
"ACCICONS.EXE"="1"
"MSACCESS.EXE"="1"
"Common.ShowHelp.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"infopath.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]
"HelpPane.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"HelpPane.exe"="10000"
"prevhost.exe"="8000"
"Skype.exe"="10001"
"SkypeBrowserHost.exe"="10001"
"mbamtray.exe"="11000"
"mbam.exe"="11000"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"SAPfewgsrv.exe"="0"
"SAPGUI.exe"="0"
"SAPGuiIT.exe"="0"
"SAPLgPad.exe"="0"
"SAPLOGON.exe"="0"
"Scale_for_R3.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]
"ieuser.exe"="1"
"iexplore.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
"YahooMusicEngine.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]
"HelpPane.exe"="100000"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]
"devenv.exe"="1"
"dexplore.exe"="1"
"helppane.exe"="1"
"PresentationHost.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]
"msfeedssync.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]
""=""
"msiexec.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]
"cs.exe"="1"
"waol.exe"="1"
"wm.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]
"iexplore.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]
"helppane.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]
"wlmail.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]
"explorer.exe"="4"
"Skype.exe"="6"
"SkypeBrowserHost.exe"="6"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]
"explorer.exe"="2"
"Skype.exe"="6"
"SkypeBrowserHost.exe"="6"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MEMPROTECT_MODE]
"*"="3"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]
"mshta.exe"="1"
"outlook.exe"="1"
"sidebar.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
"explorer.exe"="0"
"iexplore.exe"="0"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]
"communicator.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"msimn.exe"="1"
"prevhost.exe"="1"
"winmail.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"prevhost.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]
"HelpPane.exe"="0"
"prevhost.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]
"msimn.exe"="1"
"outlook.exe"="1"
"winmail.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
"excel.exe"="1"
"infopath.exe"="1"
"powerpnt.exe"="1"
"winword.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]
"HelpPane.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
"msn.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]
"iexplore.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
"explorer.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"CMigrate.exe"="1"
"OSE.EXE"="1"
"MSOHTMED.EXE"="1"
"AppSharingHookController.exe"="1"
"VSTOInstaller.exe"="1"
"SQLDumper.exe"="1"
"Common.DBConnection.exe"="1"
"Common.DBConnection64.exe"="1"
"filecompare.exe"="1"
"SPREADSHEETCOMPARE.EXE"="1"
"DATABASECOMPARE.EXE"="1"

---------- | The Created last ones ? Modified

[MD5.00000000000000000000000000000000] - [23/02/2019 02:39:43] - |D| - [25757] - C:\Program Files (x86)\MSBuild
[MD5.00000000000000000000000000000000] - [23/02/2019 02:39:43] - |D| - [38462721] - C:\Program Files (x86)\Reference Assemblies
[MD5.AC7C937474FE223B468BCAF008448977] - [23/02/2019 02:42:13] - |AS| - [67584] - C:\WINDOWS\bootstat.dat
[MD5.E6838D4EB2831E873B59BC1D120F080B] - [23/02/2019 03:10:34] - |A| - [51289] - C:\WINDOWS\comsetup.log
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [23/02/2019 03:25:54] - |A| - [7623] - C:\WINDOWS\diagerr.xml
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [23/02/2019 03:25:54] - |A| - [7623] - C:\WINDOWS\diagwrn.xml
[MD5.00000000000000000000000000000000] - [22/02/2019 17:02:17] - |DC| - [543625156] - C:\WINDOWS\Panther
[MD5.00000000000000000000000000000000] - [23/02/2019 02:57:48] - |D| - [10513009] - C:\WINDOWS\Prefetch
[MD5.09394999ADB19901C665454EE964B13C] - [22/02/2019 16:56:18] - |A| - [36] - C:\WINDOWS\progress.ini
[MD5.00000000000000000000000000000000] - [23/02/2019 02:41:29] - |D| - [332061853] - C:\WINDOWS\ServiceProfiles
[MD5.E1A1B1DD287116416AE47FB455B0D467] - [23/02/2019 03:00:15] - |A| - [11109] - C:\WINDOWS\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/02/2019 03:00:15] - |A| - [0] - C:\WINDOWS\setuperr.log
[MD5.24F1C5552069122F46A4EF797909472B] - [13/02/2019 14:40:12] - |AC| - [1400832] - C:\WINDOWS\Installer\12261c.msi
[MD5.627BE9D5D2FEB271A850E11BF27FC9D9] - [23/02/2019 03:01:03] - |AC| - [131072] - C:\WINDOWS\Installer\inprogressinstallinfo.ipi
[MD5.1E1B12FCB6EE6813F2C2B05B3AF9144C] - [08/02/2019 21:02:56] - |AC| - [530042] - C:\WINDOWS\Installer\MSIAA4C.tmp
[MD5.FE003244957DC26D15CD56C32ACA9B92] - [23/02/2019 03:01:04] - |AC| - [530041] - C:\WINDOWS\Installer\MSIB75A.tmp
[MD5.2869B1801D9066D00A3875381E80998B] - [23/02/2019 08:18:40] - |AC| - [530043] - C:\WINDOWS\Installer\MSIB7C4.tmp
[MD5.DA60C95C40444D2FC6826149E58949C7] - [14/02/2019 10:50:44] - |AC| - [530041] - C:\WINDOWS\Installer\MSIC632.tmp
[MD5.1B9566108DA9160673E112FDDDC43237] - [20/02/2019 21:00:24] - |AC| - [20480] - C:\WINDOWS\Installer\SourceHash{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/02/2019 21:00:29] - |AC| - [0] - C:\WINDOWS\Installer\wix{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}.SchedServiceConfig.rmi
[MD5.00000000000000000000000000000000] - [23/02/2019 08:18:52] - |DC| - [123976] - C:\WINDOWS\Installer\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
[MD5.C8108DAFBD69983B1A783DCCF258D206] - [23/02/2019 02:57:19] - |A| - [446688] - C:\WINDOWS\system32\FNTCACHE.DAT
[MD5.D596AB688F08DC2D27824A53E424AE7D] - [23/02/2019 02:56:34] - |A| - [52937] - C:\WINDOWS\system32\license.rtf
[MD5.00000000000000000000000000000000] - [23/02/2019 02:41:29] - |D| - [1154928] - C:\WINDOWS\system32\Microsoft
[MD5.EE5C284485228230494662C005FE51D7] - [23/02/2019 03:00:38] - |A| - [99848] - C:\WINDOWS\system32\OpenCL.DLL
[MD5.5A26131E4F6538AF2FB213BDFB77BC21] - [23/02/2019 03:15:45] - |A| - [1771406] - C:\WINDOWS\system32\PerfStringBackup.INI
[MD5.479E66E613364FFBB2192BD7DAB494B8] - [23/02/2019 02:38:56] - |A| - [126064] - C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
[MD5.8507F76AFECF7933075D7AD3D5C240B6] - [23/02/2019 02:38:56] - |A| - [1167960] - C:\WINDOWS\system32\PresentationNative_v0300.dll
[MD5.00000000000000000000000000000000] - [23/02/2019 02:57:24] - |D| - [1946778] - C:\WINDOWS\system32\SleepStudy
[MD5.E7220B745646E732C1388B6173E5C6E9] - [23/02/2019 02:38:56] - |A| - [35440] - C:\WINDOWS\system32\TsWpfWrp.exe
[MD5.0E596D5C2D2E33F3B47BA3A03BFF95A4] - [23/02/2019 15:43:28] - |A| - [922112] - C:\WINDOWS\system32\XpsFilt.dll
[MD5.D2BECE1D4587D8E6E6E948954B2230BA] - [23/02/2019 15:43:28] - |A| - [4488192] - C:\WINDOWS\system32\xpsrchvw.exe
[MD5.9D6B8FC71167D22849424084F0F3D9E9] - [23/02/2019 15:43:28] - |A| - [76060] - C:\WINDOWS\system32\xpsrchvw.xml
[MD5.DC7D2D808B385148633931E390C46633] - [23/02/2019 15:43:28] - |A| - [99328] - C:\WINDOWS\system32\XPSSHHDR.dll
[MD5.082F9D1ADB6DF9E5DB30EB52A34FCF0A] - [11/02/2019 12:40:50] - |A| - [152688] - C:\WINDOWS\system32\Drivers\mbae64.sys
[MD5.7CE9DEB496E666174498F7DF681E977E] - [25/02/2019 13:46:36] - |A| - [260384] - C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
[MD5.D596AB688F08DC2D27824A53E424AE7D] - [23/02/2019 02:56:34] - |A| - [52937] - C:\WINDOWS\syswow64\license.rtf
[MD5.C2558938D3DFB45D63BB3FCEEC0AD7DA] - [23/02/2019 03:00:38] - |A| - [103944] - C:\WINDOWS\syswow64\OpenCL.DLL
[MD5.44AA5F4E7CB43BBF7FFE05434CB89DC8] - [23/02/2019 02:39:02] - |A| - [104560] - C:\WINDOWS\syswow64\PresentationCFFRasterizerNative_v0300.dll
[MD5.1B4F5912DA213A904EDD80432C821885] - [23/02/2019 02:39:02] - |A| - [780376] - C:\WINDOWS\syswow64\PresentationNative_v0300.dll
[MD5.B0E458AA8676B039B7AD73844EE2B70E] - [23/02/2019 03:00:54] - |A| - [2864640] - C:\WINDOWS\syswow64\PrintConfig.dll
[MD5.8A89E11097AA485616BD3833369F0B08] - [23/02/2019 02:39:02] - |A| - [36896] - C:\WINDOWS\syswow64\TsWpfWrp.exe
[MD5.609FE0FFBA8A6951E22FEDCB40AC6FC6] - [23/02/2019 15:43:28] - |A| - [595968] - C:\WINDOWS\syswow64\XpsFilt.dll
[MD5.D20001EDA4E97DC4B6BADEBE53866227] - [23/02/2019 15:43:28] - |A| - [3442176] - C:\WINDOWS\syswow64\xpsrchvw.exe
[MD5.9D6B8FC71167D22849424084F0F3D9E9] - [23/02/2019 15:43:28] - |A| - [76060] - C:\WINDOWS\syswow64\xpsrchvw.xml
[MD5.64E3122D4B050EEDE3887C0669FB5A72] - [23/02/2019 15:43:28] - |A| - [81408] - C:\WINDOWS\syswow64\XPSSHHDR.dll
[MD5.00000000000000000000000000000000] - [23/02/2019 02:39:44] - |D| - [10384] - C:\WINDOWS\syswow64\XPSViewer

---------- | Drives


D:

[01/12/2006 23:37:14] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [904704] - (8.0.50727.762) - D:\msdia80.dll

---------- | C:

[22/02/2019 11:07:41] - |HD| - [181737] - C:\$GetCurrent
[22/08/2013 16:36:31] - |SHD| - [5944342441] - C:\$Recycle.Bin
[29/05/2018 17:31:20] - |SHD| - [239] - C:\82ace7d6-0197-474d-bf4b-a2043e72329b
[14/02/2019 15:24:37] - |D| - [459850713] - C:\AdsFix
[MD5.205F99D8DB48BD122BCB8C730625D068] - [14/02/2019 15:27:58] - |A| - (.-.) - [16341] - (0.0.0.0) - C:\AdsFix.txt
[01/01/2018 22:57:52] - |D| - [4661536] - C:\AdwCleaner
[29/10/2014 15:13:20] - |SHD| - [18524940] - C:\Boot
[MD5.0B17239B2E03F5AEA96929003CA22337] - [22/08/2013 16:44:03] - |RASH| - (.-.) - [404250] - (0.0.0.0) - C:\bootmgr
[MD5.93B885ADFE0DA089CDF634904FD59F71] - [22/08/2013 16:44:04] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT
[23/02/2019 08:18:42] - |SHD| - [91078] - C:\Config.Msi
[MD5.B6E72AE0B04F3A7AFDA4801677F94F40] - [10/08/2015 09:44:11] - |A| - (.-.) - [216] - (0.0.0.0) - C:\DebugTrace-RockallDLL.log
[22/08/2013 15:45:52] - |SHD| - [0] - C:\Documents and Settings
[12/11/2017 14:02:12] - |AD| - [10916] - C:\educampa
[27/03/2015 03:47:41] - |D| - [3444458896] - C:\eSupport
[30/09/2017 10:52:02] - |AD| - [128035483] - C:\FreeStyler
[31/12/2017 17:59:43] - |D| - [298520970] - C:\FRST
[03/03/2018 21:51:36] - |D| - [18435653440] - C:\Games
[26/03/2015 20:04:15] - |HD| - [688725] - C:\Intel
[13/02/2016 14:18:25] - |D| - [16355328] - C:\Logs
[11/02/2019 16:23:35] - |D| - [920894] - C:\MARMITON
[12/12/2015 12:32:08] - |RHD| - [846036376] - C:\MSOCache
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/03/2015 19:48:47] - |ASH| - (.-.) - [1946157056] - (0.0.0.0) - C:\pagefile.sys
[15/09/2018 08:33:50] - |D| - [0] - C:\PerfLogs
[15/09/2018 08:33:50] - |RD| - [28607626225] - C:\Program Files
[15/09/2018 08:33:50] - |RD| - [7562936885] - C:\Program Files (x86)
[15/09/2018 08:33:50] - |HD| - [2379623493] - C:\ProgramData
[25/02/2019 16:38:08] - |D| - [68685] - C:\QuickDiag
[MD5.272C8C7ADE12882307B92EDC0FF3B747] - [25/02/2019 16:38:41] - |A| - (.-.) - [441358] - (0.0.0.0) - C:\QuickDiag.txt
[31/12/2017 11:08:51] - |SHD| - [0] - C:\Recovery
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/03/2015 19:48:47] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys
[27/03/2015 03:36:47] - |SHD| - [0] - C:\System Volume Information
[15/09/2018 07:09:26] - |RD| - [267691234237] - C:\Users
[15/09/2018 07:09:26] - |D| - [36983115435] - C:\Windows
[23/02/2019 02:56:35] - |D| - [45087975459] - C:\Windows.old
[22/02/2019 11:07:14] - |D| - [21024985] - C:\Windows10Upgrade

---------- | C:\WINDOWS

[15/09/2018 08:33:50] - |D| - [802] - C:\WINDOWS\addins
[15/09/2018 08:33:50] - |D| - [5658416] - C:\WINDOWS\appcompat
[15/09/2018 08:33:50] - |D| - [8416654] - C:\WINDOWS\apppatch
[15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\AppReadiness
[MD5.FF939E4AFA418CDA2C6B4C76D971251E] - [27/03/2015 03:47:41] - |A| - (.-.) - [897560] - (0.0.0.0) - C:\WINDOWS\AsCDProc.log
[MD5.87E2BC59894192FC449D18ADC07C09B9] - [26/03/2015 20:35:23] - |A| - (.-.) - [29128] - (0.0.0.0) - C:\WINDOWS\AsChkDev.txt
[MD5.1FDEA389B395EF1491D8329D89E7D7D5] - [26/01/2015 05:09:40] - |A| - (.-.) - [23] - (0.0.0.0) - C:\WINDOWS\AsDCDVer.txt
[MD5.69AC094BDEF73E3360C13DF69F607106] - [27/03/2015 03:47:41] - |A| - (.-.) - [4054128] - (0.0.0.0) - C:\WINDOWS\AsDebug.log
[MD5.6A75971FCC5C48AF2AE474C78072008B] - [29/10/2014 13:38:57] - |A| - (.-.) - [28] - (0.0.0.0) - C:\WINDOWS\AsHDIVer.txt
[MD5.8C0D444A0789E33ED9326364CEDCF58E] - [27/03/2015 03:45:09] - |A| - (.-.) - [90] - (0.0.0.0) - C:\WINDOWS\AsPEToolVer.txt
[15/09/2018 08:33:50] - |RD| - [1013199208] - C:\WINDOWS\assembly
[MD5.BDDD18A78ECC52FA2F90F8FBF20A033E] - [27/03/2015 03:45:09] - |A| - (.-.) - [54] - (0.0.0.0) - C:\WINDOWS\AsToolCDVer.txt
[29/10/2014 12:43:39] - |AD| - [97789258] - C:\WINDOWS\ASUS
[15/09/2018 08:33:50] - |D| - [740161] - C:\WINDOWS\bcastdvr
[MD5.49D0AD393AE0B1EE7F3A3DD81B54BFBF] - [15/09/2018 08:28:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [78848] - (10.0.17763.1) - C:\WINDOWS\bfsvc.exe
[15/09/2018 08:33:50] - |D| - [39058188] - C:\WINDOWS\Boot
[MD5.AC7C937474FE223B468BCAF008448977] - [23/02/2019 02:42:13] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat
[15/09/2018 08:33:50] - |D| - [2449912] - C:\WINDOWS\Branding
[15/09/2018 08:23:35] - |D| - [0] - C:\WINDOWS\CbsTemp
[MD5.E6838D4EB2831E873B59BC1D120F080B] - [23/02/2019 03:10:34] - |A| - (.-.) - [51289] - (0.0.0.0) - C:\WINDOWS\comsetup.log
[15/09/2018 08:33:50] - |D| - [26632996] - C:\WINDOWS\Containers
[MD5.1F334AC7713E228137147CBFBB7BC9AA] - [15/09/2018 17:41:43] - |A| - (.-.) - [33951] - (0.0.0.0) - C:\WINDOWS\Core.xml
[MD5.1E3D09CADD189E79160EBB9A7BABA3E4] - [29/10/2014 07:23:30] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt
[15/09/2018 08:33:50] - |D| - [11482410] - C:\WINDOWS\Cursors
[MD5.1792FCC679A4C84147AD2AFEA6672E47] - [21/05/2018 15:00:37] - |A| - (.-.) - [3129] - (0.0.0.0) - C:\WINDOWS\DDACLSys.log
[15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\debug
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [23/02/2019 03:25:54] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml
[15/09/2018 08:33:50] - |D| - [4241520] - C:\WINDOWS\diagnostics
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [23/02/2019 03:25:54] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml
[15/09/2018 17:39:05] - |D| - [0] - C:\WINDOWS\DigitalLocker
[MD5.BADEF675402DD32B7936D9051D83E041] - [29/07/2015 14:11:37] - |A| - (.-.) - [66627] - (0.0.0.0) - C:\WINDOWS\DirectX.log
[15/09/2018 08:33:50] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files
[MD5.57A23E4BB460BCB5962603BC6649DDFA] - [26/03/2015 20:13:51] - |A| - (.-.) - [16100] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG
[MD5.C1B2A7DB514FC6282ED473379849796F] - [15/09/2018 08:36:09] - |A| - (.-.) - [1625] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log
[15/09/2018 08:33:50] - |HD| - [46584] - C:\WINDOWS\ELAMBKUP
[15/09/2018 17:39:05] - |D| - [0] - C:\WINDOWS\en-US
[MD5.D033CC75DD4CC0856E89B2A87559C2CC] - [29/10/2018 23:59:07] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4245280] - (10.0.17763.107) - C:\WINDOWS\explorer.exe
[MD5.E1FD9DE48AF5D7652AA31BBE914F54B8] - [26/02/2009 07:50:32] - |A| - (.-.) - [176] - (0.0.0.0) - C:\WINDOWS\explorer.exe.config
[MD5.820D78085FF08B9E6C13261613A185E2] - [19/07/2015 18:04:32] - |A| - (.-.) - [192] - (0.0.0.0) - C:\WINDOWS\FixPatch.log
[15/09/2018 08:33:50] - |RSD| - [409307000] - C:\WINDOWS\Fonts
[15/09/2018 17:39:05] - |D| - [110080] - C:\WINDOWS\fr-FR
[15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter
[15/09/2018 08:33:50] - |D| - [53325536] - C:\WINDOWS\Globalization
[15/09/2018 08:33:50] - |D| - [72008902] - C:\WINDOWS\Help
[MD5.860149040BEF4711189158FE4505E6C6] - [15/09/2018 08:29:17] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1065472] - (10.0.17763.1) - C:\WINDOWS\HelpPane.exe
[MD5.1CECEE8D02A8E9B19D3A1A65C7A2B249] - [15/09/2018 08:29:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.17763.1) - C:\WINDOWS\hh.exe
[15/09/2018 08:33:50] - |D| - [29869] - C:\WINDOWS\IdentityCRL
[15/09/2018 08:33:50] - |D| - [28822422] - C:\WINDOWS\IME
[15/09/2018 08:33:50] - |RD| - [8775009] - C:\WINDOWS\ImmersiveControlPanel
[15/09/2018 08:31:55] - |D| - [91531517] - C:\WINDOWS\INF
[12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\InfusedApps
[15/09/2018 08:33:50] - |D| - [38126462] - C:\WINDOWS\InputMethod
[15/09/2018 08:33:50] - |SHDC| - [1157824190] - C:\WINDOWS\Installer
[15/09/2018 08:33:50] - |D| - [94163] - C:\WINDOWS\L2Schemas
[15/09/2018 08:33:50] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache
[12/11/2017 14:16:32] - |D| - [3102710] - C:\WINDOWS\Lhsp
[15/09/2018 08:33:50] - |D| - [1315805181] - C:\WINDOWS\LiveKernelReports
[29/10/2014 12:24:07] - |D| - [10338070] - C:\WINDOWS\Log
[15/09/2018 07:09:30] - |D| - [7696670] - C:\WINDOWS\Logs
[15/09/2018 08:33:50] - |RSD| - [20517644] - C:\WINDOWS\media
[22/08/2013 16:36:31] - |D| - [1619968] - C:\WINDOWS\MediaViewer
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [15/09/2018 08:28:57] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin
[15/09/2018 08:33:50] - |RD| - [810652205] - C:\WINDOWS\Microsoft.NET
[15/09/2018 08:33:50] - |D| - [3135] - C:\WINDOWS\Migration
[15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\ModemLogs
[MD5.782877B30735ABD1EAE241F13145F664] - [15/09/2018 08:28:56] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [254464] - (10.0.17763.1) - C:\WINDOWS\notepad.exe
[MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [16/11/2018 20:13:04] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat
[15/09/2018 17:40:22] - |D| - [199472] - C:\WINDOWS\OCR
[15/09/2018 08:33:50] - |RD| - [65] - C:\WINDOWS\Offline Web Pages
[26/03/2015 20:01:10] - |D| - [0] - C:\WINDOWS\Options
[22/02/2019 17:02:17] - |DC| - [543625156] - C:\WINDOWS\Panther
[15/09/2018 08:33:50] - |D| - [525806] - C:\WINDOWS\Performance
[MD5.E39AB9717E9CF154ACC18ECFB3166094] - [16/10/2016 17:15:17] - |A| - (.-.) - [280520] - (0.0.0.0) - C:\WINDOWS\PFRO.log
[15/09/2018 08:33:50] - |D| - [1136442] - C:\WINDOWS\PLA
[15/09/2018 08:33:50] - |D| - [2882721] - C:\WINDOWS\PolicyDefinitions
[23/02/2019 02:57:48] - |D| - [10513004] - C:\WINDOWS\Prefetch
[15/09/2018 08:33:50] - |RD| - [1910255] - C:\WINDOWS\PrintDialog
[MD5.09394999ADB19901C665454EE964B13C] - [22/02/2019 16:56:18] - |A| - (.-.) - [36] - (0.0.0.0) - C:\WINDOWS\progress.ini
[15/09/2018 08:33:50] - |D| - [5414458] - C:\WINDOWS\Provisioning
[MD5.393E54C64CB60AC1DCA6EBACAA6C30AD] - [15/09/2018 08:29:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [358400] - (10.0.17763.1) - C:\WINDOWS\regedit.exe
[15/09/2018 08:33:50] - |D| - [1117876] - C:\WINDOWS\Registration
[15/09/2018 08:33:50] - |D| - [3356688] - C:\WINDOWS\rescache
[15/09/2018 08:33:50] - |D| - [4145322] - C:\WINDOWS\Resources
[MD5.2C23C5BF869BC22114BD873D096DB291] - [26/03/2015 20:11:00] - |A| - (.Copyright (C) 2015 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2825944] - (1.0.6.1) - C:\WINDOWS\RtlExUpd.dll
[15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\SchCache
[15/09/2018 08:33:50] - |D| - [122082] - C:\WINDOWS\schemas
[15/09/2018 08:33:50] - |D| - [11119460] - C:\WINDOWS\security
[23/02/2019 02:41:29] - |D| - [332061853] - C:\WINDOWS\ServiceProfiles
[15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\ServiceState
[15/09/2018 07:09:26] - |D| - [49452087] - C:\WINDOWS\servicing
[15/09/2018 08:36:53] - |D| - [10639] - C:\WINDOWS\Setup
[MD5.E1A1B1DD287116416AE47FB455B0D467] - [23/02/2019 03:00:15] - |A| - (.-.) - [11109] - (0.0.0.0) - C:\WINDOWS\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/02/2019 03:00:15] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log
[15/09/2018 08:33:50] - |D| - [6752256] - C:\WINDOWS\ShellComponents
[15/09/2018 08:33:50] - |D| - [52920320] - C:\WINDOWS\ShellExperiences
[13/02/2016 14:01:38] - |D| - [66140] - C:\WINDOWS\ShellNew
[15/09/2018 08:33:50] - |D| - [3070736] - C:\WINDOWS\SKB
[26/03/2015 19:58:29] - |D| - [58114685] - C:\WINDOWS\SoftwareDistribution
[15/09/2018 08:33:50] - |D| - [88557383] - C:\WINDOWS\Speech
[15/09/2018 08:33:50] - |D| - [63949381] - C:\WINDOWS\Speech_OneCore
[MD5.A5F344522764898F2086DBE32464C334] - [15/09/2018 08:28:24] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [132096] - (10.0.17763.1) - C:\WINDOWS\splwow64.exe
[15/09/2018 08:33:50] - |D| - [31039] - C:\WINDOWS\System
[MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 14:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini
[15/09/2018 07:09:26] - |D| - [21792735380] - C:\WINDOWS\System32
[15/09/2018 08:33:50] - |D| - [203850680] - C:\WINDOWS\SystemApps
[15/09/2018 08:33:51] - |D| - [26481055] - C:\WINDOWS\SystemResources
[15/09/2018 07:09:31] - |D| - [1579177540] - C:\WINDOWS\SysWOW64
[15/09/2018 08:33:51] - |D| - [0] - C:\WINDOWS\TAPI
[22/08/2013 16:36:30] - |D| - [1943] - C:\WINDOWS\Tasks
[15/09/2018 08:33:51] - |D| - [2391031] - C:\WINDOWS\Temp
[15/09/2018 08:33:51] - |D| - [14424064] - C:\WINDOWS\TextInput
[22/08/2013 16:36:30] - |RD| - [0] - C:\WINDOWS\ToastData
[15/09/2018 08:33:51] - |D| - [0] - C:\WINDOWS\tracing
[15/09/2018 08:33:51] - |D| - [106782] - C:\WINDOWS\twain_32
[MD5.4B8ED4EF819DC87A2DC108EF60504FE9] - [15/09/2018 08:29:28] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [64512] - (1.7.1.3) - C:\WINDOWS\twain_32.dll
[25/12/2017 22:15:53] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2
[MD5.4C6F2D2CE86330335801F2982B26223E] - [12/11/2017 14:15:49] - |A| - (.Copyright © 1987-1998 Microsoft Corp. - Visual Basic ICursor Interface Library.) - [89360] - (6.0.81.69) - C:\WINDOWS\Vb5db.dll
[22/08/2013 16:36:30] - |D| - [0] - C:\WINDOWS\vpnplugins
[15/09/2018 08:33:51] - |D| - [12420] - C:\WINDOWS\Vss
[15/09/2018 07:09:29] - |D| - [28874] - C:\WINDOWS\WaaS
[15/09/2018 08:33:51] - |D| - [15729830] - C:\WINDOWS\Web
[MD5.0CFBA52A4EB61B39898A85802F798E04] - [22/08/2013 14:25:43] - |A| - (.-.) - [528] - (0.0.0.0) - C:\WINDOWS\win.ini
[MD5.C844CA459F3B209329984772269B6E56] - [15/09/2018 08:28:58] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest
[MD5.2CC83D93DD1DDE691158CF5E9882420B] - [26/03/2015 19:58:29] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log
[MD5.351FDCE5B7CDE5009C768FFDA64B5E57] - [15/09/2018 08:29:27] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17763.1) - C:\WINDOWS\winhlp32.exe
[15/09/2018 07:09:26] - |D| - [6852665735] - C:\WINDOWS\WinSxS
[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [15/09/2018 08:38:26] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx
[MD5.10F2BC4209233AB34BDA602967D0F798] - [15/09/2018 08:29:24] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17763.1) - C:\WINDOWS\write.exe

---------- | C:\WINDOWS\System32\GroupPolicy


---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[26/10/2016 19:30:14] - C:\WINDOWS\Installer\10859487.msi : ( - Aleste)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\11cac38.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\12769d1.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\13cc6b.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\16c7b55b.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/09/2014 03:59:10] - C:\WINDOWS\Installer\19f8b.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/11/2014 05:45:30] - C:\WINDOWS\Installer\19f90.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/03/2015 20:21:51] - C:\WINDOWS\Installer\1a7c8.msi : (AudioWizard - ICEpower a/s)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/11/2014 08:24:16] - C:\WINDOWS\Installer\1a7cd.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/12/2014 07:31:36] - C:\WINDOWS\Installer\1a7d2.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/09/2014 08:45:44] - C:\WINDOWS\Installer\1ad85.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\1ca6dc9.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/01/2015 16:41:42] - C:\WINDOWS\Installer\1d9c5.msi : (Intel(R) ME UninstallLegacy - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/01/2015 16:42:24] - C:\WINDOWS\Installer\1d9ca.msi : (Intel(R) Management Engine Components - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/01/2015 16:42:38] - C:\WINDOWS\Installer\1d9d1.msi : (Intel(R) Management Engine Components - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/01/2015 16:40:32] - C:\WINDOWS\Installer\1d9d6.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\1e12d36.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/01/2019 12:00:31] - C:\WINDOWS\Installer\20dca8.msi : (Backup and Sync from Google - Google, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\2226c08.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\24c474d.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[25/01/2017 15:18:19] - C:\WINDOWS\Installer\24e4c8e7.msi : (Scratch 2 - Massachusetts Institute of Technology)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\25b20c1.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/08/2014 16:57:28] - C:\WINDOWS\Installer\27a1c.msi : (Intel(R) Chipset Device Software - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/03/2015 20:16:50] - C:\WINDOWS\Installer\27d3b.msi : (Blank Project Template - Qualcomm Atheros Communications)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/07/2014 02:22:22] - C:\WINDOWS\Installer\27d40.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\2905f.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/12/2015 13:46:18] - C:\WINDOWS\Installer\2be54.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\2e8b0.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\2fc19.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\32730.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/07/2012 08:02:14] - C:\WINDOWS\Installer\328ad6b4.msi : (Adobe Flash Player - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\33421.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/12/2015 13:46:18] - C:\WINDOWS\Installer\34bfe.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\36d865c.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\38dca.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\3c804.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/12/2018 09:32:44] - C:\WINDOWS\Installer\3d7aa.msi : (Google Update Helper - Google Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\3e689.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\3e724e2.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\3fc05.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\41bbcb0.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\420c785.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\45d17b5.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/05/2018 14:32:14] - C:\WINDOWS\Installer\4920d.msi : (Epic Games Launcher - Epic Games, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/11/2015 09:56:58] - C:\WINDOWS\Installer\49212.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\5019ed9.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\5303cde.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/12/2015 09:59:44] - C:\WINDOWS\Installer\5f55fcbb.msi : (Skype - Skype Technologies S.A.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\65f9712.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/12/2016 02:06:44] - C:\WINDOWS\Installer\6c80e06.msi : (Apple Application Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/12/2016 02:06:46] - C:\WINDOWS\Installer\6c80fae.msi : (Apple Application Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/10/2016 02:03:58] - C:\WINDOWS\Installer\6c80fb3.msi : ([ProductName] Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/10/2016 02:03:06] - C:\WINDOWS\Installer\6c80fb8.msi : (Apple Mobile Device Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/10/2016 02:07:52] - C:\WINDOWS\Installer\6c80fed.msi : (Apple Software Update Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/12/2016 03:26:44] - C:\WINDOWS\Installer\6d61aad.msi : (iTunes Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[07/10/2016 12:12:48] - C:\WINDOWS\Installer\6d61ab0.msi : (iCloud for Windows installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\74dae0f.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/09/2005 22:18:51] - C:\WINDOWS\Installer\765917.msi : (Blank Project Template - InstallShield Software Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\7743075.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[02/09/2014 10:02:06] - C:\WINDOWS\Installer\796c4.msi : (Device Setup - ASUSTek Computer Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[08/09/2017 14:47:17] - C:\WINDOWS\Installer\8a4a3d2f.msi : (Adobe AIR Installer - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/10/2012 19:47:59] - C:\WINDOWS\Installer\8d0da.msi : (Garmin USB Drivers - Garmin Ltd or its subsidiaries)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/12/2012 16:35:44] - C:\WINDOWS\Installer\8d0df.msi : (Garmin WebUpdater - Garmin Ltd or its subsidiaries)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\948b09.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\9a76d8.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\a5037a1.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\bdc5d82.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\c7403d.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\e716718.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2016 16:53:44] - C:\WINDOWS\Installer\f5194ed.msi : ( - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[22/08/2017 13:53:00] - [75744] - C:\WINDOWS\Installer\{01535110-65FB-4437-AF99-6FB40252C06C}\ARPPRODUCTICON.exe     (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield)
[26/10/2016 19:31:06] - [3638] - C:\WINDOWS\Installer\{0168BC69-1180-499C-8640-945D23EF4C94}\_1D14578E9734282C7FD3C0.exe     () - ()
[26/10/2016 19:31:06] - [3638] - C:\WINDOWS\Installer\{0168BC69-1180-499C-8640-945D23EF4C94}\_21F3885A18D238E15AAE81.exe     () - ()
[26/10/2016 19:31:06] - [3638] - C:\WINDOWS\Installer\{0168BC69-1180-499C-8640-945D23EF4C94}\_6FEFF9B68218417F98F549.exe     () - ()
[26/03/2015 20:24:17] - [287934] - C:\WINDOWS\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe     () - ()
[26/03/2015 20:26:24] - [45620] - C:\WINDOWS\Installer\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}\_28D23A78430C9AC32ABA4B.exe     () - ()
[26/03/2015 20:26:24] - [45620] - C:\WINDOWS\Installer\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}\_853F67D554F05449430E7E.exe     () - ()
[26/03/2015 20:26:24] - [45620] - C:\WINDOWS\Installer\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}\_FAB21B91012C8EB293D57B.exe     () - ()
[13/08/2015 15:30:51] - [53248] - C:\WINDOWS\Installer\{1C08A24C-B168-407E-A826-68FAF5F20710}\ARPPRODUCTICON.exe     (Copyright © 2000) - (InstallShield)
[29/10/2014 07:25:15] - [459934] - C:\WINDOWS\Installer\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}\_6FEFF9B68218417F98F549.exe     () - ()
[17/12/2016 15:53:59] - [287934] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\CalendarIcon.exe     () - ()
[17/12/2016 15:53:59] - [287934] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\ContactsIcon.exe     () - ()
[17/12/2016 15:53:59] - [287934] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\FindMyiPhoneIcon.exe     () - ()
[17/12/2016 15:53:59] - [41851] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\iCloudIcon.exe     () - ()
[17/12/2016 15:53:59] - [34679] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\KeynoteIcon.exe     () - ()
[17/12/2016 15:53:59] - [287934] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\MailIcon.exe     () - ()
[17/12/2016 15:53:59] - [287934] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\NotesIcon.exe     () - ()
[17/12/2016 15:53:59] - [35141] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\NumbersIcon.exe     () - ()
[17/12/2016 15:53:59] - [37527] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\PagesIcon.exe     () - ()
[17/12/2016 15:53:59] - [287934] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\RemindersIcon.exe     () - ()
[17/12/2016 15:53:59] - [287934] - C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\ShellStreamsShortcut.exe     () - ()
[29/07/2015 16:10:03] - [61440] - C:\WINDOWS\Installer\{485775E8-AEB8-46BD-922B-242879E03DD5}\ARPPRODUCTICON.exe     (Copyright © 2000) - (InstallShield)
[23/02/2019 08:18:52] - [123976] - C:\WINDOWS\Installer\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}\_853F67D554F05449430E7E.exe     () - ()
[17/12/2016 15:35:30] - [27136] - C:\WINDOWS\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\AppleSoftwareUpdateIco.exe     () - ()
[26/03/2015 20:21:54] - [268560] - C:\WINDOWS\Installer\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}\ARPPRODUCTICON.exe     (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield)
[26/03/2015 20:21:54] - [268560] - C:\WINDOWS\Installer\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}\NewShortcut21_88CE7B52F926451CAD0B30AC2FF26CC7.exe     (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield)
[26/03/2015 20:21:54] - [268560] - C:\WINDOWS\Installer\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}\NewShortcut2_CAFC68A201474C958303AEAC0F6DBEDB.exe     (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield)
[29/07/2015 16:58:35] - [478432] - C:\WINDOWS\Installer\{6033673D-2530-4587-8AD0-EB059FC263F9}\Crysis2Launcher.exe     ((C) 2011 Crytek GmbH) - ()
[03/12/2015 09:59:57] - [145760] - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe     () - ()
[29/10/2014 07:25:54] - [145760] - C:\WINDOWS\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe     () - ()
[17/12/2016 15:49:57] - [86016] - C:\WINDOWS\Installer\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}\iTunesIco.exe     () - ()
[22/08/2017 13:55:14] - [81920] - C:\WINDOWS\Installer\{9BFB1FAB-8FC4-4FAA-9B2D-2B121834B659}\ARPPRODUCTICON.exe     (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield)
[26/03/2015 20:16:58] - [73728] - C:\WINDOWS\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe     (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield)
[26/03/2015 20:16:58] - [73728] - C:\WINDOWS\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\NewShortcut2_AF8ACC7080E84CCEB8A24D562FCEF458.exe     (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield)
[26/03/2015 20:16:58] - [49152] - C:\WINDOWS\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\NewShortcut4_A600F73C5ABB461C8A3D4DC30E0E856F.exe     (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield)
[26/03/2015 20:22:08] - [373513] - C:\WINDOWS\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_4753E86A9C8EB5DE6C3957.exe     () - ()
[26/03/2015 20:22:08] - [373513] - C:\WINDOWS\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_853F67D554F05449430E7E.exe     () - ()
[26/03/2015 20:19:45] - [114734] - C:\WINDOWS\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe     () - ()
[12/08/2015 09:48:41] - [65536] - C:\WINDOWS\Installer\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\ARPPRODUCTICON.exe     (Copyright (C) 2006 Macrovision Corporation) - (InstallShield)
[29/10/2014 07:26:30] - [406174] - C:\WINDOWS\Installer\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}\IconName.exe     () - ()

---------- | %System%\*.in*

[26/03/2015 20:01:10] - [419463] - C:\WINDOWS\System32\athwbx.inf
[15/09/2018 08:29:16] - [3329] - C:\WINDOWS\System32\ieuinit.inf
[23/02/2019 03:15:45] - [1771406] - C:\WINDOWS\System32\PerfStringBackup.INI
[15/09/2018 08:28:56] - [60124] - C:\WINDOWS\System32\tcpmon.ini
[15/09/2018 08:28:42] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini
[15/09/2018 08:29:28] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf
[15/09/2018 08:29:07] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.14078B4AA17F8AA7D681F1B872ED431C] - |A| - [23/02/2019 03:02:15] - (.-.) - [0.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00000.log
[MD5.D2B3F14C95ED3C04206D00F5D04868AA] - |A| - [23/02/2019 03:02:16] - (.-.) - [0.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00001.log
[MD5.C0E0E0E73BC838DDCA55056BDE668292] - |A| - [23/02/2019 03:11:15] - (.-.) - [2.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:11:15] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad
[MD5.00000000000000000000000000000000] - |D| - [25/02/2019 13:46:17] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace
[MD5.00000000000000000000000000000000] - |D| - [25/02/2019 13:46:17] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot
[MD5.00000000000000000000000000000000] - |D| - [25/02/2019 13:46:17] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag
[MD5.00000000000000000000000000000000] - |D| - [25/02/2019 13:46:17] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 02:58:52] - [400.93 Ko] - C:\WINDOWS\Temp\DPTF
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/02/2019 03:10:55] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/02/2019 03:10:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:00:40] - [1.75 Ko] - C:\WINDOWS\Temp\HP
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:00:37] - [0 Ko] - C:\WINDOWS\Temp\intel-gfx-installer-C3D9886E-5DDF-48BC-AD93-09E28F54964A
[MD5.CB95247EB0B06C3AE885173847628231] - |A| - [23/02/2019 03:29:28] - (.-.) - [2.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190223-032928-0.log
[MD5.60EEB6233952871866AE03AF55BB93E1] - |A| - [25/02/2019 13:48:56] - (.-.) - [2.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190225-134856-0.log
[MD5.A192AEDEFE7399CBC01BE534382BC5D7] - |A| - [23/02/2019 03:27:46] - (.-.) - [17.46 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log
[MD5.23CB4B34E4DF542D9EE23392D59D07F5] - |A| - [23/02/2019 15:36:27] - (.-.) - [22.39 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:29:43] - [60 Ko] - C:\WINDOWS\Temp\NVIDIA Corporation
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:01:37] - [1384.41 Ko] - C:\WINDOWS\Temp\NvidiaLogging
[MD5.B321EFC0192A86BDF9DA4F098DA1B573] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.00D57B0F-01FA-B79F-08D6-878ED20C4C9B_5__.Public.AppUpdate.dat
[MD5.1D913C0D7050AD18EEB8436B3D58AB70] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0116DC02-781B-D1D1-FC1C-C80195511E17_5__.Public.AppUpdate.dat
[MD5.8BE68D5D35B14C0D8006B2B9D603BB65] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0251D65D-E887-28BD-A226-3ECD72FB59C6_5__.Public.AppUpdate.dat
[MD5.B88751FC3031923CA2E623ABB25599DE] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0862A72D-A96C-83E5-AD0F-78B6AA06F9C6_5__.Public.AppUpdate.dat
[MD5.08EDB1C093B905E88857AF24454B2FB4] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0C8CF327-9D17-CCDE-18AF-DFF4F20070E5_5__.Public.AppUpdate.dat
[MD5.88F7575A81CC694372BF425A5C0D1B70] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.18DDC675-D472-0DB4-9563-7DF7C34F512C_5__.Public.AppUpdate.dat
[MD5.DE8EED55F7D214C3AB8FE82F0AA907DB] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.19859B84-0CA1-A0F9-3169-07316A3911DA_5__.Public.AppUpdate.dat
[MD5.08178F4C533E08CDFA2930FD91059F1B] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.66 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.1A7994D6-5342-8581-71FB-A2BD1C895D93_5__.Public.AppUpdate.dat
[MD5.814C0C589011932F0F4018376D8EE28E] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.1D8FF136-7DCE-5A1D-5728-1A663C270BDD_5__.Public.AppUpdate.dat
[MD5.CF6EAB6183B2D1745C93CE1EAF62EAEB] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.1F63B8C3-2D48-9497-0A0A-2CBD462EDE76_5__.Public.AppUpdate.dat
[MD5.01A655D7EF3F0B453B5CCA6760908A3B] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.1FE89C0B-9BED-CC5D-7426-9E4025D6BDD9_5__.Public.AppUpdate.dat
[MD5.1C871DEBF930131E2262E87287B90987] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.2987BAA4-9FE1-75BF-48C2-A987DE2E4786_5__.Public.AppUpdate.dat
[MD5.D1228298C323BA2DCED4051973913C31] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.31A692E0-F967-E4F8-A441-21A804580E9E_5__.Public.AppUpdate.dat
[MD5.DA64C7ED5ED80DFEB03BB91679A93F06] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.32A48683-F264-932C-7870-B93BB448ED69_5__.Public.AppUpdate.dat
[MD5.686AC0B95CE067631269C3875AB5EA18] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.3BFD26C9-8DA9-B940-F638-55890012AAB4_5__.Public.AppUpdate.dat
[MD5.8CECE6C79003FE0DC3C1561A1A417B7C] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.42493DE9-7734-949C-AD90-1D11F59F45CB_5__.Public.AppUpdate.dat
[MD5.68CD8CD20F25F3A6B7B4565345C5585F] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.49F33C48-B2DE-F82A-56F2-64425F298B84_5__.Public.AppUpdate.dat
[MD5.DFC6E5D0F3F279CB75CDE165C768D439] - |A| - [23/02/2019 15:49:58] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.4AF301E9-F5E0-C8BF-6B7C-938BDDDF84D5_5__.Public.AppUpdate.dat
[MD5.BA5D53560552BB7017036090FEDF4186] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.4C48EB84-CE2F-6C5B-89F4-8319FE492B02_5__.Public.AppUpdate.dat
[MD5.0D94E6879FCA836CB2E70ECC659404B9] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.50611331-FE19-D366-B049-694B8AC9D758_5__.Public.AppUpdate.dat
[MD5.7E299D53108F107361FF636F3178AC6E] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.557EA3BB-623E-ADD9-4DFB-629A8648A038_5__.Public.AppUpdate.dat
[MD5.123113BDC6BF18FA9CD1A760B2C5E30E] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.558F5D32-0827-EB7B-6AD6-D5DB4138B3AA_5__.Public.AppUpdate.dat
[MD5.2E1C9D4977A5B367A0377FFA34403235] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.62B49C0A-499E-A02D-EBCB-EB168E148E52_5__.Public.AppUpdate.dat
[MD5.DB337D00949B9450028E5129E2962F68] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.64BBA36A-A7AF-A911-6075-21097AE9C591_5__.Public.AppUpdate.dat
[MD5.AD62717DDA29041EBA8DCD4CE3E3CF12] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.664AA17A-2D25-0823-3315-3708FE16147A_5__.Public.AppUpdate.dat
[MD5.3BF6242EB24F4A7F9502678B8B0217CD] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.674C4C14-7BAA-F782-E214-956DC3BEDF39_5__.Public.AppUpdate.dat
[MD5.69C64CE75A9E89421D9E772F0531B2B5] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.68BC3251-2D8B-A604-92BA-893638CA72EA_5__.Public.AppUpdate.dat
[MD5.DEA94DFF43B5A64CFA75B853E3D641FF] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.68E019EB-0B92-5E08-5D86-9BFE6DBA8517_5__.Public.AppUpdate.dat
[MD5.18000F5D17CBDD88DF7E0EA0743F16AD] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.69F3BCAB-8975-C526-30F5-39FA70C77AD9_5__.Public.AppUpdate.dat
[MD5.712DB93E76B2EEE4932FE169156891AC] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6D151227-6BD9-726D-B30E-A8A018DCC82B_5__.Public.AppUpdate.dat
[MD5.FE569B95CD7137C4A723B8C35BAFAB8C] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6DA3D5C0-A460-4E4E-3B2A-8530BC7CAFDA_5__.Public.AppUpdate.dat
[MD5.ED9E71D6D0B941B6D65B6A60C9D5B239] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6EA6FC2E-9305-586B-3411-02826D151533_5__.Public.AppUpdate.dat
[MD5.9AA70E6F0CDDBF8B49D5656187E523A2] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6F5A9E8F-F920-1658-72FF-16C1448402F9_5__.Public.AppUpdate.dat
[MD5.D3046EF1CB7C7216C70EFA64A5B6E861] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.70BC17F8-0AA7-CB35-CEE0-EF1B47A0FD3E_5__.Public.AppUpdate.dat
[MD5.7FE9392CC2729699B61D7D817F6BFFAF] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.73 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.754078EB-3A78-B444-5FC2-70DFE84EC4E5_5__.Public.AppUpdate.dat
[MD5.F7EB1572E4030D16035F95ED3F343732] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.7583E141-6210-5A36-BB89-80D0397C4721_5__.Public.AppUpdate.dat
[MD5.EF0ED227C61A0B4B188563FD8DB4ED2C] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.8773D363-89BD-C041-701A-BB439027A1C5_5__.Public.AppUpdate.dat
[MD5.BEDC63C008E638B9AA95A99F2DF2AE79] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.8F700A8E-3731-B777-A6DD-000FE1F8FCB2_5__.Public.AppUpdate.dat
[MD5.4B87DC70501251926CDE9961AD0E71F0] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.97612282-D1E8-1D6A-9E92-C271E7F177EF_5__.Public.AppUpdate.dat
[MD5.DDB79F57C27FEA298DBD28903924DFDC] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.993325CD-9CA8-DD49-50C4-377C092AEF1B_5__.Public.AppUpdate.dat
[MD5.891550E125F693D699B86DCE57066B02] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.99934EA1-ED05-6085-0BA1-E6D67383CF6A_5__.Public.AppUpdate.dat
[MD5.DB1F0C9FB2A1C868A6633E265AEFD8C1] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9D4DED89-CABC-F4FB-8133-BC5EDB1C7EDA_5__.Public.AppUpdate.dat
[MD5.9585EE6E62D329860B19E68CB89D8708] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A0D50492-A769-FCE9-8C5B-6DC60312B8E4_5__.Public.AppUpdate.dat
[MD5.2BA8736C7EE2387A7CE80D3736581E0D] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A2A6A2CB-C0B8-8FBE-AF12-ADD3D26281F1_5__.Public.AppUpdate.dat
[MD5.73F73D5B06CE9D43E452E68DDF0783A1] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A715D489-C343-F20B-B22E-F8D749061B0C_5__.Public.AppUpdate.dat
[MD5.A8D8686E95977E5175BD09ED8B11665F] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A8EA082C-1D8D-8EB4-4FB0-5516ED51695C_5__.Public.AppUpdate.dat
[MD5.F6A06B7E355B50D3F21270B806A4006D] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A90B8400-D36D-8235-8BF2-A21A53D3FB65_5__.Public.AppUpdate.dat
[MD5.B8B83B8C8D5F0B5DB94D740EBDBB4DE1] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.AD66B9BE-5B1A-4BAA-705F-4188C82173C3_5__.Public.AppUpdate.dat
[MD5.EFB55A0921E2A5EB0B306143332DBA9E] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.ADA26212-6E65-2F41-08F6-8A8E88987557_5__.Public.AppUpdate.dat
[MD5.8440D92F01C3C859CC4EE21F920E9D73] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.B1B6FBCA-CD11-CB52-6CA7-06B47EB7C197_5__.Public.AppUpdate.dat
[MD5.F909F4FB864DBAEFACD18CD4587E5195] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.73 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.B8ED1313-601B-9316-5FA3-8FB7277CB361_5__.Public.AppUpdate.dat
[MD5.3D51B6539F12ECBB2C7485A74FAFC515] - |A| - [23/02/2019 15:49:58] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BAA0F9E7-E2C2-C973-EABD-02BBF7402934_5__.Public.AppUpdate.dat
[MD5.1D4500A53F6811BF2E350BE49BC04969] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BBFD7549-71AE-D8FD-9F58-2EF4C874B21C_5__.Public.AppUpdate.dat
[MD5.95ED7D96BED88049B42FE35EE47696C0] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BC4DDB65-D112-02A6-50D5-647B8B4FB4D5_5__.Public.AppUpdate.dat
[MD5.FE48766C9E53A4753D0878E3C49789A6] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.D1B32332-CD80-048D-8B75-B3C150ED57CC_5__.Public.AppUpdate.dat
[MD5.3942AFF7D5068A8D6D802767BA4FB495] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.73 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.DE6D6C3F-ADB2-3684-95D9-31275AFD3FB6_5__.Public.AppUpdate.dat
[MD5.802E5F84184EF2266F08F4A309496FC8] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.DFBE09D0-1F22-A9C0-2D3D-3F4C6351E58F_5__.Public.AppUpdate.dat
[MD5.C463BA2FDA8000A0AA101765FE0F63D8] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E13178CB-14D6-77E1-A95E-719630B795B9_5__.Public.AppUpdate.dat
[MD5.D3A8C9D9D308379CE86B308BE4CDB93C] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E336BB8F-16ED-7CBE-AFEE-971DD3041585_5__.Public.AppUpdate.dat
[MD5.37A36238B1A78D174B3FC7680FA2F21B] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E6658C19-4221-2EBE-763A-F0493FBA2BB0_5__.Public.AppUpdate.dat
[MD5.F31ED4861FF892891E6833E9163B029D] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E6836156-6348-EE2B-01B6-A3E6A83A2F75_5__.Public.AppUpdate.dat
[MD5.E12B200050058219FB0098A54DE91D08] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E6D3B497-80AF-7F14-F9E6-9606EE369FC3_5__.Public.AppUpdate.dat
[MD5.A61AF9F5DAA2C31512A9C3660E0BD823] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.EB81801C-E265-8B7F-1C88-884D690674D7_5__.Public.AppUpdate.dat
[MD5.E32CE48AEF8896F9A1D497D38731467E] - |A| - [23/02/2019 15:49:58] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.EEE53744-2BB9-BCA2-A50A-C6A1C5B0A0ED_5__.Public.AppUpdate.dat
[MD5.F51689A5847899EB7EBFDB8007372FD1] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.76 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.F0E95FA1-79AB-42A6-D011-D70D97E12622_5__.Public.AppUpdate.dat
[MD5.094C246276025DDDF58BBDB732326D01] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.73 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.F17D97AE-2226-4AEB-C1D8-15A83D914E17_5__.Public.AppUpdate.dat
[MD5.2B36D91D76F5742CFBAAC0010B575F29] - |A| - [23/02/2019 15:49:56] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FACF9DDE-1FF1-B57D-4D1D-CE479FDD42AF_5__.Public.AppUpdate.dat
[MD5.AD27CD1B91148D140BD5249B942F1327] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FB06EF95-BC48-1A6A-26FB-4450CE9A5906_5__.Public.AppUpdate.dat
[MD5.0F485B616F6570BD0D9A5507C47C98F1] - |A| - [23/02/2019 15:49:57] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FC8D4DCB-7F29-F014-2169-BDE1CE675801_5__.Public.AppUpdate.dat
[MD5.C321C250BB39CC63DCD8B3E984C3F0CA] - |A| - [23/02/2019 15:35:01] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ScheduledHeartbeat.log
[MD5.B13AF738AA8BE55154B2752979D76827] - |A| - [23/02/2019 02:58:35] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tem7114.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125cfeb.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d01c.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d05c.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d0ac.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d0dd.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d0ef.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d100.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d160.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d191.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d1a3.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:36] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d1d3.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:37] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d262.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:37] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d274.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:37] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d285.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:37] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d2a7.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:37] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d2b8.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:37] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d308.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 08:28:37] - [0 Ko] - C:\WINDOWS\Temp\tw-21e4-21b8-125d32a.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-104189.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041aa.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041ac.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041be.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041cf.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041d1.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041e3.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041f5.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-1041f7.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-104208.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-10421a.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-10421c.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-10422d.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-10423f.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-104241.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-104253.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-104264.tmp
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 03:25:26] - [0 Ko] - C:\WINDOWS\Temp\tw-6ac-6b0-104266.tmp
[MD5.A7D49B2C4C34C0A09CC7D8F746C8DBA4] - |A| - [23/02/2019 03:05:58] - (.-.) - [0.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\wmsetup.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [23/02/2019 03:01:03] - (.-.) - [160 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\~DF069B690197366360.TMP
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [23/02/2019 03:01:04] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\~DF51B4FBD91ECDB46C.TMP
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [23/02/2019 08:18:39] - (.-.) - [160 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\~DF55FBB92D0C17769C.TMP
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [23/02/2019 08:18:39] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\~DF8DD8F71652767096.TMP
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:05] - [0 Ko] - C:\WINDOWS\System32\0409
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [15/09/2018 08:28:43] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [15/09/2018 08:28:42] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png
[MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [15/09/2018 08:28:30] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png
[MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [15/09/2018 08:28:50] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [15/09/2018 08:28:51] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png
[MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [15/09/2018 08:28:53] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png
[MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [15/09/2018 08:29:21] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [15/09/2018 08:28:56] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png
[MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [15/09/2018 08:28:26] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png
[MD5.79166EAF65485F1432DD72B72870026B] - |A| - [15/09/2018 08:29:13] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif
[MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png
[MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [15/09/2018 08:29:14] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png
[MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [15/09/2018 08:28:36] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png
[MD5.85D91E478AF18125007C531227FF6E59] - |A| - [15/09/2018 08:28:36] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png
[MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - |A| - [26/03/2015 20:11:02] - (.-.) - [107.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AcpiServiceVnA64.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:30] - [2819.03 Ko] - C:\WINDOWS\System32\AdvancedInstallers
[MD5.FE6D792232F609743EABF2C089033651] - |A| - [15/09/2018 08:29:14] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [607.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\as-IN
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ASGCoInstaller_x64.dll
[MD5.5AFF02B97098D9F9FF1FEF87E8BCFA6D] - |A| - [27/08/2014 20:48:02] - (.© Qualcomm Atheros, Inc. - Bluetooth Credential Provider.) - [353.13 Ko] - (8.0.1.330) - C:\WINDOWS\System32\AthCredentialProvider.dll
[MD5.9664C89960298E8E374CC307CE2196E8] - |A| - [26/03/2015 20:01:10] - (.-.) - [91.95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\athwbx.cat
[MD5.969707980039F5FF7CBA8610D5D2CC35] - |A| - [26/03/2015 20:01:10] - (.-.) - [409.63 Ko] - (0.0.0.0) - C:\WINDOWS\System32\athwbx.inf
[MD5.D9627C9671ECC9F808503102CA7AD6C9] - |A| - [26/03/2015 20:01:10] - (.Copyright (C) 2001-2010 Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) - [4123 Ko] - (10.0.0.299) - C:\WINDOWS\System32\athwbx.sys
[MD5.8113D6E1884940FC3F9DED886B364A1E] - |A| - [26/03/2015 20:11:02] - (.-.) - [94.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\audioLibVc.dll
[MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [15/09/2018 08:28:22] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\az-Latn-AZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\be-BY
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [347.5 Ko] - C:\WINDOWS\System32\bg-BG
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png
[MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png
[MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png
[MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png
[MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\bn-BD
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\bn-IN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [5654.98 Ko] - C:\WINDOWS\System32\Boot
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\bs-Latn-BA
[MD5.E3114E3529A37876FD028BDA7DA1B197] - |A| - [29/06/2015 10:22:38] - (.Qualcomm Atheros Communications Inc. - Qualcomm Atheros Bluetooth Driver Coinstaller.) - [203.09 Ko] - (1.0.0.0) - C:\WINDOWS\System32\btcoinst.dll
[MD5.A28223812129E018B8547EBAC2676434] - |A| - [29/06/2015 10:22:38] - (.© Qualcomm Atheros, Inc. - Atheros Bluetooth Module.) - [204.09 Ko] - (8.0.1.302) - C:\WINDOWS\System32\BtContextMenu.dll
[MD5.2AC902EFD3C3D55A5E71C4145CBB7033] - |A| - [29/06/2015 10:22:38] - (.© Qualcomm Atheros, Inc. - Atheros Bluetooth Module.) - [36.59 Ko] - (8.0.1.302) - C:\WINDOWS\System32\BtContextMenu.dll.muien-US
[MD5.FF8455531929A7067F8A6267B34D2DB8] - |A| - [15/09/2018 08:28:42] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [181.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ca-ES
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ca-ES-valencia
[MD5.00000000000000000000000000000000] - |HD| - [01/07/2017 14:39:09] - [4503.85 Ko] - C:\WINDOWS\System32\CanonIJ Uninstaller Information
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [60145.66 Ko] - C:\WINDOWS\System32\CatRoot
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [33042.1 Ko] - C:\WINDOWS\System32\catroot2
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\chr-CHER-US
[MD5.225399AEA05354FFC1AC4B41711ADD13] - |A| - [01/07/2017 14:39:43] - (.Copyright CANON INC. 2003-2012 All Rights Reserved - Canon IJ Network 64bit comm Module.) - [351.5 Ko] - (3.1.1.10) - C:\WINDOWS\System32\CNMN6PPM.DLL
[MD5.E7F344507DE8FB326D1089FF6C207C5F] - |A| - [01/07/2017 14:39:43] - (.Copyright CANON INC. 2003-2012 All Rights Reserved - Canon IJ Network 64bit UI Module.) - [38.5 Ko] - (3.1.1.10) - C:\WINDOWS\System32\CNMN6UI.DLL
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [11.19 Ko] - C:\WINDOWS\System32\CodeIntegrity
[MD5.64430E214B5B229D426D2D35538C402D] - |A| - [30/11/2016 01:56:14] - (.-.) - [366.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ColorImageEnhancement.wmv
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [369.5 Ko] - C:\WINDOWS\System32\com
[MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png
[MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png
[MD5.6E14F444A2506049EEC25CB5EDFE0905] - |A| - [26/03/2015 20:11:02] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [110.91 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [229627.88 Ko] - C:\WINDOWS\System32\config
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [53.11 Ko] - C:\WINDOWS\System32\Configuration
[MD5.82DF5576BDD96CE8DF5A06C0571EA463] - |A| - [30/11/2016 01:56:14] - (.-.) - [499.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cp_resources.bin
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [405 Ko] - C:\WINDOWS\System32\cs-CZ
[MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |A| - [15/09/2018 08:29:14] - (.© 1996 - 2017 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe
[MD5.F801F648AC05828166E87BC033E1AF6C] - |A| - [26/03/2015 20:11:02] - (.©Conexant Systems Inc. - Conexant APO.) - [1514.19 Ko] - (1.21.0.0) - C:\WINDOWS\System32\CX64APO.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\cy-GB
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [400.5 Ko] - C:\WINDOWS\System32\da-DK
[MD5.EA9E2D370555A40721D492DD039C1F32] - |A| - [15/09/2018 08:28:26] - (.-.) - [145 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [240.31 Ko] - C:\WINDOWS\System32\DDFs
[MD5.27C042B16AAB77DA585FDD2A145FAC0D] - |A| - [26/03/2015 20:11:02] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [255.34 Ko] - (7.6.3.1) - C:\WINDOWS\System32\DDPA64.dll
[MD5.1EA86BB2AA1717F105544F9DCD7DD590] - |A| - [26/03/2015 20:11:02] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [278.27 Ko] - (7.6.7.1) - C:\WINDOWS\System32\DDPA64F3.dll
[MD5.897250C97A775A7A667328F849D93D6F] - |A| - [26/03/2015 20:11:02] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1894.34 Ko] - (7.6.3.1) - C:\WINDOWS\System32\DDPD64A.dll
[MD5.01E7B306CBBEAEFB32118FB229CE200F] - |A| - [26/03/2015 20:11:03] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1888.27 Ko] - (7.6.7.1) - C:\WINDOWS\System32\DDPD64AF3.dll
[MD5.A2D8B4C56F55F0349DC7A0C942833E0F] - |A| - [26/03/2015 20:11:03] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [308.34 Ko] - (7.6.3.1) - C:\WINDOWS\System32\DDPO64A.dll
[MD5.52B5ADE064EC99FD5FF740CF35BB4907] - |A| - [26/03/2015 20:11:03] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [328.27 Ko] - (7.6.7.1) - C:\WINDOWS\System32\DDPO64AF3.dll
[MD5.CCFDC399241063EF7F3EBA80F273F1A2] - |A| - [26/03/2015 20:11:03] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6072.34 Ko] - (7.6.3.1) - C:\WINDOWS\System32\DDPP64A.dll
[MD5.03B3FDBF4E7336EA01EB1F80B8A06820] - |A| - [26/03/2015 20:11:03] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6096.27 Ko] - (7.6.7.1) - C:\WINDOWS\System32\DDPP64AF3.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [455.5 Ko] - C:\WINDOWS\System32\de-DE
[MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [15/09/2018 08:28:30] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png
[MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [15/09/2018 08:28:22] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin
[MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [15/09/2018 08:31:36] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json
[MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [15/09/2018 08:28:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif
[MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [15/09/2018 08:28:44] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml
[MD5.DCF2510E0745720E543E84F5E921FCC0] - |A| - [18/03/2014 16:28:04] - (.-.) - [256.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dfpinc.dat
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [925 Ko] - C:\WINDOWS\System32\DiagSvcs
[MD5.BE6BCD1A0D8F8F8072996900200D4CF8] - |A| - [15/09/2018 08:28:38] - (.-.) - [82.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:28] - [9542.32 Ko] - C:\WINDOWS\System32\Dism
[MD5.17FBCE91AEBA666E5BC2423C8EB34E8B] - |A| - [30/11/2016 01:56:14] - (.-.) - [812.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplayAudiox64.cab
[MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png
[MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png
[MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [30/11/2016 01:56:14] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyApp.exe.config
[MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [30/11/2016 01:56:14] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyAppv2_0.exe.config
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:12] - [122126.1 Ko] - C:\WINDOWS\System32\drivers
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\DriverState
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [17363171.67 Ko] - C:\WINDOWS\System32\DriverStore
[MD5.2D4956F501C2DEBBF520BD1334FA3635] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin
[MD5.7B5E60EF879E30FD999F0F5BDB61A52B] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin
[MD5.FCA3FA27539CFF2863448CCAF07F0F5E] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin
[MD5.2F5C6925DC58C904AB553D5FB49F2DD0] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin
[MD5.F83A32D9E99788D1798C44B0FA4180DD] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin
[MD5.0D070A4D45A2C027CA55AF4F514A0069] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin
[MD5.18482889E9C8F882896C98D757CF1B5F] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin
[MD5.240138ED4016885FBF8C81D5CDCFD173] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [161.5 Ko] - C:\WINDOWS\System32\dsc
[MD5.8B5A737AD11EF45D9B1AEB4ED6884968] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [711.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll
[MD5.21B38D4D86A87909491F690883AE6D1E] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Boost COM DLL.) - [1452.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll
[MD5.FF31A2F57AAAB58DB78FCC961A58B206] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [418.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll
[MD5.BC0474E5476E5EA0D0E1AA5AC41E2061] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS GFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll
[MD5.3B8FB5376F5431C0101747D5138BCB9B] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS GFX APO.) - [236.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll
[MD5.B3977C8BA77559F4F8752AE8EB724C87] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS LFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll
[MD5.192A03A21636D3775CEE4C049C3BEB2A] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Limiter COM DLL.) - [422.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll
[MD5.2EF5442E8E7ED20F7634EEFB09640C8F] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [479.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll
[MD5.F7C357462077156DC211AC2112FC8C53] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1531.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll
[MD5.F132C08BD8C58579B400DFAA71F34CFB] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1715.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll
[MD5.9948969B2C1987B1D64789EFEB284A84] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Symmetry COM DLL.) - [695.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll
[MD5.37B8A8089ECED77F6CEAF74917C5D12B] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS GFX APO.) - [475.94 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PGFX64.dll
[MD5.8AE860D92752CFA136979B1FF797FFDC] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS LFX APO.) - [489.44 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PLFX64.dll
[MD5.A9B98F96FBE514ADEABD20B2BD132172] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS LFX APO.) - [405.94 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PREC64.dll
[MD5.DE32448E6B40141C80DAABFF6FBE1744] - |A| - [26/03/2015 20:11:03] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [677.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll
[MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [15/09/2018 08:28:22] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin
[MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [15/09/2018 08:28:22] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin
[MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [15/09/2018 08:28:22] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin
[MD5.08C33E4AB904EC0960B0781ED26AE039] - |A| - [15/09/2018 08:28:20] - (.-.) - [2.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [460 Ko] - C:\WINDOWS\System32\el-GR
[MD5.9B97EBEB5DE4D458724E3D13D4FF09B6] - |A| - [22/04/2016 10:11:29] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:05] - [0 Ko] - C:\WINDOWS\System32\en
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [325.5 Ko] - C:\WINDOWS\System32\en-GB
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [1650.03 Ko] - C:\WINDOWS\System32\en-US
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [435 Ko] - C:\WINDOWS\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [360.5 Ko] - C:\WINDOWS\System32\es-MX
[MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [15/09/2018 08:28:26] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [405.5 Ko] - C:\WINDOWS\System32\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\fil-PH
[MD5.A08B87CC51FB774ED45FDF4284B1974F] - |A| - [30/11/2016 01:56:14] - (.-.) - [626.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FilmModeDetection.wmv
[MD5.86177A958F4B9AD449C1EC7569DE2193] - |A| - [01/10/2012 20:35:42] - (.- Microsoft® Forms DLL.) - [1555.13 Ko] - (15.0.4420.1017) - C:\WINDOWS\System32\FM20.DLL
[MD5.E44C360B261B0C35F175370F20D5DDCD] - |A| - [01/10/2012 20:38:12] - (.- Microsoft® Forms International DLL.) - [31.14 Ko] - (15.0.4420.1017) - C:\WINDOWS\System32\FM20ENU.DLL
[MD5.2A7D873D71572E1EF6D0552BABC1B03E] - |A| - [01/10/2012 21:04:00] - (.- Microsoft® Forms International DLL.) - [35.16 Ko] - (15.0.4420.1017) - C:\WINDOWS\System32\FM20FRA.DLL
[MD5.C8108DAFBD69983B1A783DCCF258D206] - |A| - [23/02/2019 02:57:19] - (.-.) - [436.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:05] - [3403.5 Ko] - C:\WINDOWS\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [370.5 Ko] - C:\WINDOWS\System32\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [46541.6 Ko] - C:\WINDOWS\System32\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\FxsTmp
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ga-IE
[MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png
[MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png
[MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [15/09/2018 08:29:23] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\gd-GB
[MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [30/11/2016 01:56:14] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv2_0.exe.config
[MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [30/11/2016 01:56:14] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv4_0.exe.config
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [03/06/2017 10:03:39] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GfxValDisplayLog.bin
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\gl-ES
[MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\gu-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ha-Latn-NG
[MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png
[MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [329 Ko] - C:\WINDOWS\System32\he-IL
[MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png
[MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png
[MD5.202A07E4526B050E22624328E64E0470] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png
[MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png
[MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png
[MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png
[MD5.9270BD94661CE72F98F5B0BB9D184D15] - |A| - [15/09/2018 08:28:34] - (.-.) - [256.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\hi-IN
[MD5.BE499DF9C68CD45684E7FC07BE4F9E18] - |A| - [09/03/2017 07:11:48] - (.© 2015 HPDC LP - DeviceCoInstaller.) - [320.63 Ko] - (40.11.1108.1741) - C:\WINDOWS\System32\hpinkcoiE511.dll
[MD5.160ED702CE31D038C55F144A07530937] - |A| - [09/03/2017 07:11:50] - (.© 2015 HPDC LP - hpinkins.exe.) - [2883.63 Ko] - (40.11.1108.1741) - C:\WINDOWS\System32\hpinkinsE511.exe
[MD5.F897A633A36BB95BEF96BF84A094F313] - |A| - [09/03/2017 07:11:54] - (.© 2015 HPDC LP - Print Status Language Monitor.) - [384.13 Ko] - (40.11.1108.1741) - C:\WINDOWS\System32\hpinkstsE511LM.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [336.5 Ko] - C:\WINDOWS\System32\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [412.5 Ko] - C:\WINDOWS\System32\hu-HU
[MD5.E092D70A1D2D6E2CE75071A0A12EC06C] - |A| - [15/09/2018 08:29:24] - (.-.) - [37.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\hy-AM
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:40:58] - [160.64 Ko] - C:\WINDOWS\System32\hydrogen
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [5.36 Ko] - C:\WINDOWS\System32\ias
[MD5.E6B2E3CE34C6269E8EF9A0F2A7068412] - |A| - [26/03/2015 20:11:04] - (.Copyright (c) 2014, ICEpower a/s - ICEpower ICEsound audio effects.) - [299.11 Ko] - (1.0.0.14) - C:\WINDOWS\System32\ICEsoundAPO64.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [36.27 Ko] - C:\WINDOWS\System32\icsxml
[MD5.4E8DC385E4272D240107F7FAAA5AFB6D] - |RA| - [15/09/2018 08:28:36] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1812.5 Ko] - (61.1.0.0) - C:\WINDOWS\System32\icuin.dll
[MD5.18FDD8D8C5BFA9B1767C2BFE97E74090] - |RA| - [15/09/2018 08:28:36] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1315.5 Ko] - (61.1.0.0) - C:\WINDOWS\System32\icuuc.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\id-ID
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ig-NG
[MD5.AB2D50B6F3C665B55C8E5A049D59E7CC] - |A| - [30/11/2016 01:56:18] - (.-.) - [5663.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igdclbif.bin
[MD5.B00A94D06A20B9B7382818E169613E9E] - |A| - [30/11/2016 21:56:42] - (.Copyright (C) 2012-2015 - MDF(CM) Runtime DX11 Dynamic Link Library.) - [178.7 Ko] - (5.0.0.1148) - C:\WINDOWS\System32\igfx11cmrt64.dll
[MD5.7ACB75AA480D7F81A01C74241C866F4F] - |A| - [30/11/2016 21:56:18] - (.Copyright (C) 2010 - 2015 - MDF(CM) JIT Dynamic Link Library.) - [1553.51 Ko] - (5.0.0.1148) - C:\WINDOWS\System32\igfxcmjit64.dll
[MD5.81583957ADAE0BD3B7E416C160C40E07] - |A| - [30/11/2016 21:56:50] - (.Copyright (C) 2010 - 2015 - MDF(CM) Runtime Dynamic Link Library.) - [179.7 Ko] - (5.0.0.1148) - C:\WINDOWS\System32\igfxcmrt64.dll
[MD5.EF9390A03B2BDE2E6A24C71BEB5748F3] - |A| - [30/11/2016 21:56:22] - (.-.) - [267.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCPL.cpl
[MD5.C3944847462CBEFAE479C31D938C1491] - |A| - [30/11/2016 21:56:32] - (.-.) - [101.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCUIServicePS.dll
[MD5.B96A6C8002F307BCC2D35F9CD4DA287F] - |A| - [30/11/2016 21:56:38] - (.-.) - [82.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLib.dll
[MD5.B9F6958F071CC397BAF2A93F4993429D] - |A| - [30/11/2016 21:56:40] - (.-.) - [93.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLibv2_0.dll
[MD5.2452E415E1D8A64E26D7970EC882BC56] - |A| - [30/11/2016 21:56:46] - (.-.) - [28.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILib.dll
[MD5.56A686346BD2B62A28DE9E30E85F67A2] - |A| - [30/11/2016 21:56:48] - (.-.) - [28.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILibv2_0.dll
[MD5.D6919CD2FA3C0C794A062D3D266C8930] - |A| - [30/11/2016 21:56:58] - (.-.) - [27.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLib.dll
[MD5.2CD34AA6E9E3CBAFF25A9DB933FDD4EF] - |A| - [30/11/2016 21:57:00] - (.-.) - [27.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLibv2_0.dll
[MD5.849D49E4FE8FE71DA638E87FBF8C3CF9] - |A| - [30/11/2016 21:57:18] - (.-.) - [22.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLib.dll
[MD5.014908E8B2E69BA6F1DED6897FCC7985] - |A| - [30/11/2016 21:57:24] - (.-.) - [22.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLibv2_0.dll
[MD5.7136416D6203AABE347B418646B49359] - |A| - [30/11/2016 21:57:32] - (.-.) - [1002.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxSDK.exe
[MD5.B698EBBAC77D6E698F5550746F3E9A7D] - |A| - [30/11/2016 21:57:36] - (.-.) - [98.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxSDKLib.dll
[MD5.3F97F0FE00548B1B271B2D9B5E769C00] - |A| - [30/11/2016 21:57:42] - (.-.) - [109.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxSDKLibv2_0.dll
[MD5.63C36E3D97A3EA6B3A89B6075BD77925] - |A| - [30/11/2016 21:57:46] - (.-.) - [392.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxTray.exe
[MD5.6C0F36ABFE80433B352FA7748ED887BF] - |A| - [30/11/2016 01:56:20] - (.-.) - [2748 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.cpa
[MD5.0D3AF85E1F169395885151038ADE9317] - |A| - [30/11/2016 01:56:20] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.vp
[MD5.A0D0A10C8DA1B00A2EE378357F72BA90] - |A| - [30/11/2016 01:56:20] - (.-.) - [39.37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64.vp
[MD5.7B929507BB2C2A3FBD2956EC3515364C] - |A| - [30/11/2016 01:56:20] - (.-.) - [40.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64_dev.vp
[MD5.1A8302994182D4FC003A71DC6D23EE81] - |A| - [30/11/2016 01:56:20] - (.-.) - [38.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64.vp
[MD5.38FA402460982FE9A071BEC11C58B0D3] - |A| - [30/11/2016 01:56:20] - (.-.) - [38.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64_dev.vp
[MD5.26526A63D35D8E4E19C46F920AAF48F2] - |A| - [30/11/2016 01:56:20] - (.-.) - [39.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64.vp
[MD5.9CD97189D5A5E409BBEC1B28A8AFD428] - |A| - [30/11/2016 01:56:20] - (.-.) - [39.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64_dev.vp
[MD5.43B54B93E36AD6D5842C33697D5B3F47] - |A| - [30/11/2016 01:56:20] - (.-.) - [4.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxs64.vp
[MD5.5C75F3B35EB158BF27B87A5920B77A3E] - |A| - [15/09/2018 08:28:22] - (.-.) - [195 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll
[MD5.3ED204C864E5CC3C78D3DBB707D102D1] - |A| - [30/11/2016 01:56:20] - (.-.) - [394.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ImageStabilization.wmv
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [25900.42 Ko] - C:\WINDOWS\System32\IME
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\inetsrv
[MD5.437B8732902A8DF6E14101AA963A5D4F] - |A| - [15/09/2018 08:28:36] - (.-.) - [814.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [6936 Ko] - C:\WINDOWS\System32\InputMethod
[MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png
[MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png
[MD5.72652EDC712584F93088238767533BBC] - |A| - [30/11/2016 21:58:02] - (.Copyright (C) 2015 - IntelCpHDCPSvc Executable.) - [437.97 Ko] - (1.0.0.1) - C:\WINDOWS\System32\IntelCpHDCPSvc.exe
[MD5.EE5C284485228230494662C005FE51D7] - |A| - [30/11/2016 21:59:00] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [97.51 Ko] - (2.0.2.0) - C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\is-IS
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [434 Ko] - C:\WINDOWS\System32\it-IT
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [324.59 Ko] - C:\WINDOWS\System32\ja-jp
[MD5.6F7D1601DA55BBE5C7A79E01E236D7B9] - |A| - [26/03/2015 20:11:04] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [589.83 Ko] - (4.1105.6000.53) - C:\WINDOWS\System32\KAAPORT64.dll
[MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png
[MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\kk-KZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\km-KH
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\kn-IN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [297.5 Ko] - C:\WINDOWS\System32\ko-KR
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\kok-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ku-Arab-IQ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ky-KG
[MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [15/09/2018 08:28:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif
[MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [15/09/2018 08:28:22] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\lb-LU
[MD5.157FB82D7141B18624FF2D42190C97E1] - |A| - [15/09/2018 17:39:53] - (.-.) - [1572 Ko] - (2.6.5.1) - C:\WINDOWS\System32\libcrypto.dll
[MD5.75616F8DB5C092A8A50AFEC273859DD7] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\WINDOWS\System32\MaxxAudioAPO20.dll
[MD5.06080807E61471A18AD99F3E6FF3C9B5] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [647.75 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxAudioAPO30.dll
[MD5.80C4F3C1718C9EB97872E8074F215D35] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1110.09 Ko] - (4.5.5.0) - C:\WINDOWS\System32\MaxxAudioAPO4064.dll
[MD5.66506E27192FF6BEAD339D5BCDE719E8] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1464.83 Ko] - (5.6.0.0) - C:\WINDOWS\System32\MaxxAudioAPO5064.dll
[MD5.A2735EF4F7D5FA18B539A4CFD3471356] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1328.75 Ko] - (6.1.6.0) - C:\WINDOWS\System32\MaxxAudioAPO6064.dll
[MD5.71947A1775D4CBD9CBE580C6E97FF78E] - |A| - [26/03/2015 20:11:04] - (.Copyright (C) 2010-2013 - MaxxAudio APO Shell.) - [901.25 Ko] - (4.10.8.0) - C:\WINDOWS\System32\MaxxAudioAPOShell64.dll
[MD5.E93ADE8C38CA41442FE60E844DED92AC] - |A| - [26/03/2015 20:11:04] - (.Copyright © 1996-2014 -.) - [1993.59 Ko] - (4.1.1.0) - C:\WINDOWS\System32\MaxxAudioEQ64.dll
[MD5.CB56F27AFF28FB9576C6FC79E6D14036] - |A| - [26/03/2015 20:11:04] - (.Copyright © 1996-2013 -.) - [13719.25 Ko] - (4.4.10.0) - C:\WINDOWS\System32\MaxxAudioRealtek64.dll
[MD5.581778867AEB80C4366057B3DE1DC4D0] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - [1283.11 Ko] - (1.1.4.0) - C:\WINDOWS\System32\MaxxSpeechAPO64.dll
[MD5.BD57E21A3EA84D1C8CBBF4CD6265B1D0] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [956.33 Ko] - (2.6.0.0) - C:\WINDOWS\System32\MaxxVoiceAPO2064.dll
[MD5.D6C4DCA94B1D31F57269B7E04F081D7F] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12663.75 Ko] - (3.1.4.0) - C:\WINDOWS\System32\MaxxVoiceAPO3064.dll
[MD5.587A8CF457604D84266FF858CEB60223] - |A| - [26/03/2015 20:11:04] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [647.25 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxVolumeSDAPO.dll
[MD5.162681E1AABA50C46DDAF4FD9C5EC50B] - |A| - [15/09/2018 08:28:57] - (.-.) - [839 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE
[MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png
[MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png
[MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [15/09/2018 08:28:22] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [15/09/2018 08:31:36] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mn-MN
[MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png
[MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mr-IN
[MD5.00000000000000000000000000000000] - |D| - [22/07/2015 21:57:24] - [0 Ko] - C:\WINDOWS\System32\MRT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ms-MY
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [4404.28 Ko] - C:\WINDOWS\System32\MsDtc
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mt-MT
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [20.55 Ko] - C:\WINDOWS\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [34.35 Ko] - C:\WINDOWS\System32\my-mm
[MD5.52D09193B954697371DFA7BE9E520D05] - |A| - [26/03/2015 20:11:04] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5112.26 Ko] - (6.3.9600.17231) - C:\WINDOWS\System32\NAHIMICAPOlfx.dll
[MD5.4E5442D9B14EF9EF679CD8D65CD50A51] - |A| - [26/03/2015 20:11:04] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [971.8 Ko] - (1.0.0.14866) - C:\WINDOWS\System32\NahimicAPONSControl.dll
[MD5.0DFE807693F6BAC18DDE6F86478D0156] - |A| - [26/03/2015 20:11:04] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5357.76 Ko] - (6.3.9600.16384) - C:\WINDOWS\System32\NAHIMICV2apo.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [396 Ko] - C:\WINDOWS\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [896 Ko] - C:\WINDOWS\System32\NDF
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ne-NP
[MD5.9B4847CA5B7101B7B4042524A649968D] - |A| - [03/06/2017 10:01:20] - (.-.) - [200.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log
[MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [15/09/2018 08:29:23] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [51 Ko] - C:\WINDOWS\System32\networklist
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [431 Ko] - C:\WINDOWS\System32\nl-NL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\nn-NO
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\nso-ZA
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [3781.5 Ko] - C:\WINDOWS\System32\Nui
[MD5.43EE5D523F29FC802E8A219FD1CF1F8C] - |A| - [12/12/2017 16:02:06] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nv-vk64.json
[MD5.71EC74BC62175A128CE59AFFB4040488] - |A| - [03/06/2017 10:04:46] - (.-.) - [7690.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin
[MD5.AA199EEB14B91079DE8813C27B2B533C] - |A| - [12/12/2017 16:02:08] - (.-.) - [47.37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb
[MD5.7F3D6C958422727C4EA7C247E4743C8F] - |A| - [15/09/2018 17:40:58] - (.-.) - [17.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png
[MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [26598 Ko] - C:\WINDOWS\System32\oobe
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:53] - [3554.5 Ko] - C:\WINDOWS\System32\OpenSSH
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\or-IN
[MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [15/09/2018 08:28:22] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\pa-Arab-PK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\pa-IN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [1123.97 Ko] - C:\WINDOWS\System32\PerceptionSimulation
[MD5.A48BFC73DB830E8DCEC291C2945EA849] - |A| - [15/09/2018 08:35:59] - (.-.) - [130.63 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat
[MD5.30ADA6DA3725378F565554491401B899] - |A| - [15/09/2018 17:39:07] - (.-.) - [146.94 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat
[MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [15/09/2018 08:35:59] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat
[MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [15/09/2018 17:39:07] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat
[MD5.D9D869DE7E7DB3527B1E60FFA9152A1A] - |A| - [15/09/2018 08:35:59] - (.-.) - [686.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat
[MD5.A8A7EC7AFDFEB191608D61BFD5162890] - |A| - [15/09/2018 17:39:07] - (.-.) - [775.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat
[MD5.5A26131E4F6538AF2FB213BDFB77BC21] - |A| - [23/02/2019 03:15:45] - (.-.) - [1729.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI
[MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [15/09/2018 08:28:22] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png
[MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [428.5 Ko] - C:\WINDOWS\System32\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [437 Ko] - C:\WINDOWS\System32\PointOfService
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\ProximityToast
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\prs-AF
[MD5.007893E8374C766471239EB291BA8C17] - |A| - [15/09/2018 08:28:29] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [423.5 Ko] - C:\WINDOWS\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [426 Ko] - C:\WINDOWS\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\quc-Latn-GT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\quz-PE
[MD5.8882AD10853E45402CABD3BAF48A7EFC] - |A| - [26/03/2015 20:11:04] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [121.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll
[MD5.0B5EF50E26CFD1E7BF01E32E053532B2] - |A| - [26/03/2015 20:11:04] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [424.77 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll
[MD5.01096663377134C41D618AF0E53A953E] - |A| - [26/03/2015 20:11:04] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [73.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll
[MD5.D0EB28022A91A5C084E8A7DEBB08D8D2] - |A| - [26/03/2015 20:11:04] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [138.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll
[MD5.03625A179B27362D3A90E3331AEBE95E] - |A| - [26/03/2015 20:11:04] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [6996.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [23.75 Ko] - C:\WINDOWS\System32\ras
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\RasToast
[MD5.B855C50767A4959A128D7171E0FCD107] - |A| - [15/09/2018 08:29:21] - (.-.) - [1955 Ko] - (1.0.1808.22001) - C:\WINDOWS\System32\rdpnano.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [2.25 Ko] - C:\WINDOWS\System32\Recovery
[MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png
[MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png
[MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [15/09/2018 08:29:25] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList
[MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [15/09/2018 08:29:25] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost
[MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [15/09/2018 08:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList
[MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [15/09/2018 08:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png
[MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0.07 Ko] - C:\WINDOWS\System32\restore
[MD5.7C915EED03B0C9E70A1621F21DF6A43A] - |A| - [26/03/2015 20:06:39] - (.-.) - [15.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml
[MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [26/03/2015 20:11:05] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll
[MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [26/03/2015 20:11:05] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll
[MD5.3E91802282A5430F82ACF50C8A874E64] - |A| - [14/05/2015 10:44:38] - (.Copyright (C) 2014 - RtCRX.) - [82.02 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll
[MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [26/03/2015 20:11:05] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll
[MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [26/03/2015 20:11:05] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll
[MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [26/03/2015 20:11:05] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll
[MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [26/03/2015 20:11:05] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll
[MD5.8AA05F502FCF586AFEA8E5C4AFB19AEB] - |A| - [15/09/2018 08:28:46] - (.-.) - [56.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\rw-RW
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [15/09/2018 08:29:46] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png
[MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sd-Arab-PK
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET14.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET14F5.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET277.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET3021.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET3A81.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET4850.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET4E99.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET60F.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET73AD.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET837C.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SET9BF3.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SETA17.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SETBA96.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SETD85C.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SETE357.tmp
[MD5.AEBAE04E0A50089823B963B0D0FCE03F] - |A| - [11/11/2016 01:27:28] - (.-.) - [64.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SETEE07.tmp
[MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [15/09/2018 08:28:26] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat
[MD5.17ABCAD44A75C635583A238ED6333357] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [76.84 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll
[MD5.2C25AF115BDDC05D9A84D26227A08E63] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [79.34 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll
[MD5.7B3E9344FB43D799C6462227A0E65877] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [215.84 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll
[MD5.DBB99601D716F92CDD97CE4E60865319] - |A| - [26/03/2015 20:11:06] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [921.66 Ko] - (3.1.38.0) - C:\WINDOWS\System32\sl3apo64.dll
[MD5.6F8B108E8B57AC88F90D6EA13B2A1755] - |A| - [26/03/2015 20:11:06] - (.Copyright (C) 2011 SRS Labs, Inc. - SRS Labs.) - [1078.16 Ko] - (3.1.38.0) - C:\WINDOWS\System32\slcnt64.dll
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 02:57:24] - [1901.15 Ko] - C:\WINDOWS\System32\SleepStudy
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [52.14 Ko] - C:\WINDOWS\System32\slmgr
[MD5.2E4C258CB2FF3D249FD0ABBCABC664A1] - |A| - [26/03/2015 20:11:06] - (.TODO: (c) <Company name>. - TODO: <File description>.) - [244.66 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll
[MD5.EC05C33DF2CF20D839FE3650505ED6ED] - |A| - [26/03/2015 20:11:06] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [717.16 Ko] - (3.1.38.0) - C:\WINDOWS\System32\sltech64.dll
[MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [15/09/2018 08:28:22] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [14633.02 Ko] - C:\WINDOWS\System32\SMI
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png
[MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png
[MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png
[MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png
[MD5.D7C806511EE5CD3E3F9FB0D26957EBED] - |A| - [15/09/2018 08:29:24] - (.-.) - [37.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [7564.02 Ko] - C:\WINDOWS\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [12401.73 Ko] - C:\WINDOWS\System32\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [228717.32 Ko] - C:\WINDOWS\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [7514.21 Ko] - C:\WINDOWS\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [23.61 Ko] - C:\WINDOWS\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sq-AL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS
[MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [454.23 Ko] - C:\WINDOWS\System32\sr-Latn-RS
[MD5.A7BF7ABF7F7060650C304A39AA3DB471] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [441.02 Ko] - (4.0.0.58) - C:\WINDOWS\System32\SRAPO64.dll
[MD5.4E498748961C77D626515992B77E7A94] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [319.02 Ko] - (4.0.0.58) - C:\WINDOWS\System32\SRCOM.dll
[MD5.5300D47CC8A1A097B59597074BF63DDA] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [358.02 Ko] - (4.0.0.58) - C:\WINDOWS\System32\SRCOM64.dll
[MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [15/09/2018 08:29:25] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat
[MD5.4FD560E994EDF0353835F3F9F506A62C] - |A| - [15/09/2018 08:29:22] - (.-.) - [57.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat
[MD5.6237222E779D1A47B762FCC442843382] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1378.02 Ko] - (4.0.0.58) - C:\WINDOWS\System32\SRRPTR64.dll
[MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [26/03/2015 20:11:06] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll
[MD5.A028717B791416182959B325D5B40679] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll
[MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [26/03/2015 20:11:06] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll
[MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [26/03/2015 20:11:06] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [46168 Ko] - C:\WINDOWS\System32\sru
[MD5.DE63BBC4AF740A7D0C379A9D758FBCE9] - |A| - [15/09/2018 08:28:22] - (.-.) - [439 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [01/07/2017 14:39:43] - [153 Ko] - C:\WINDOWS\System32\STRING
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [403 Ko] - C:\WINDOWS\System32\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sw-KE
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:28] - [1389.12 Ko] - C:\WINDOWS\System32\Sysprep
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [955.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [10.73 Ko] - C:\WINDOWS\System32\ta-in
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk
[MD5.0B8821B257EEE9C01CD29C62AE9D3EF9] - |A| - [15/09/2018 08:29:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [666.77 Ko] - C:\WINDOWS\System32\Tasks
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [641.24 Ko] - C:\WINDOWS\System32\Tasks_Migrated
[MD5.D602CA245CC6774A0981B607F0675609] - |A| - [15/09/2018 08:28:56] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\te-IN
[MD5.B88B8D017386A00D7724519F475317A0] - |A| - [15/09/2018 08:28:26] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt
[MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [15/09/2018 08:28:26] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\tt-RU
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ug-CN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [336.5 Ko] - C:\WINDOWS\System32\uk-UA
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [1930.5 Ko] - C:\WINDOWS\System32\UNP
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ur-PK
[MD5.F729741D514ED13EF6AFCB1B568987A9] - |A| - [15/09/2018 08:28:38] - (.-.) - [44.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\uz-Latn-UZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\vi-VN
[MD5.08BD2F7A762134BF86645BBA219A6B98] - |A| - [14/09/2017 00:19:50] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [905.8 Ko] - (1.0.61.0) - C:\WINDOWS\System32\vulkan-1-1-0-61-0.dll
[MD5.08BD2F7A762134BF86645BBA219A6B98] - |A| - [17/11/2018 13:21:22] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [905.8 Ko] - (1.0.61.0) - C:\WINDOWS\System32\vulkan-1.dll
[MD5.6DC78B9184771F60544B9D0CC42076B3] - |A| - [14/09/2017 00:19:38] - (.-.) - [577.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-61-0.exe
[MD5.6DC78B9184771F60544B9D0CC42076B3] - |A| - [17/11/2018 13:21:22] - (.-.) - [577.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe
[MD5.D5DBBF94106B931112FBFB19A1351506] - |A| - [26/03/2015 20:11:06] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2052.59 Ko] - (4.4.5.0) - C:\WINDOWS\System32\WavesGUILib64.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [95952.94 Ko] - C:\WINDOWS\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [52811 Ko] - C:\WINDOWS\System32\WDI
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [15/09/2018 08:28:44] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:30] - [0 Ko] - C:\WINDOWS\System32\wfp
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [48376.89 Ko] - C:\WINDOWS\System32\WinBioPlugIns
[MD5.89539DF69CB40A7D214B9EC799EF5CAA] - |A| - [15/09/2018 08:28:34] - (.-.) - [122.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [14.53 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Media.Shared
[MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [27.59 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Shared
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [10239.93 Ko] - C:\WINDOWS\System32\WindowsPowerShell
[MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [15/09/2018 08:28:26] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [46144 Ko] - C:\WINDOWS\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [6006.72 Ko] - C:\WINDOWS\System32\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [107.53 Ko] - C:\WINDOWS\System32\winrm
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\wo-SN
[MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [15/09/2018 08:28:24] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png
[MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [15/09/2018 08:28:46] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml
[MD5.CD70FD75FDAF5B66A3F0FD38513DA636] - |A| - [15/09/2018 08:28:30] - (.-.) - [95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\xh-ZA
[MD5.5C5A797761421CF9B72087F3BC8A5259] - |A| - [03/06/2017 10:03:43] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[MD5.1373F6562D5E4C715D5D3583E350093E] - |A| - [03/06/2017 10:03:43] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\0409
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [15/09/2018 08:29:07] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [15/09/2018 08:29:07] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [15/09/2018 08:29:08] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [15/09/2018 08:29:12] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [15/09/2018 08:29:27] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:31] - [1963.8 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\af-ZA
[MD5.795B6F571633CBEA1674391D0A10AAF2] - |A| - [30/09/2017 10:52:06] - (.Next Generation Technologies - DMX Interface Driver.) - [656 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\Afterglow.out.dll
[MD5.B761ACA21529DB2F6FB2BC0D5FF66A60] - |A| - [30/09/2017 10:52:07] - (.(C) 2006 Next Generation Technologies - Afterglow Driver.) - [56 Ko] - (3.1.3.0) - C:\WINDOWS\SysWOW64\AGlowdrv.dll
[MD5.72B3EC67A29E606DD75EE0534D8B9D0B] - |A| - [30/09/2017 10:52:07] - (.(C) 2006 Next Generation Technologies - Afterglow Thread Driver.) - [76 Ko] - (3.1.3.0) - C:\WINDOWS\SysWOW64\AGlowthd.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\am-ET
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [228.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA
[MD5.30196C11BFB7FC2F4DD2A289AFFD8A84] - |A| - [15/09/2018 08:29:27] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [521 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll
[MD5.60EBE024BC7AE2E178F9EC8ECEFD2B20] - |A| - [30/09/2017 10:52:02] - (.Copyright ©  2014 - ArtDLL2.) - [28.5 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\ArtDLL2.dll
[MD5.DBCCE9612031BE172FF4D2099E9CB2CB] - |A| - [30/09/2017 10:52:02] - (.-.) - [2.68 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ArtDLL2.tlb
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\as-IN
[MD5.D37E6FB07F305019A25AEFDA2A0C3363] - |A| - [26/03/2015 20:26:27] - (.Copyright ©  2013-2014 - WaveSim.) - [127.5 Ko] - (1.0.0.9032) - C:\WINDOWS\SysWOW64\ASUS.scr
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\be-BY
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [206.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-BD
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot
[MD5.059741A76B41CC4E3356A4B46C4AA9C2] - |A| - [30/09/2017 10:52:02] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ccrpTmr6.dep
[MD5.63BCF32A8787A963858763035B70B2F6] - |A| - [30/09/2017 10:52:02] - (.Copyright ©1995-98, Karl E. Peterson - Timer, Countdown, and Stopwatch objects for people tired of using forms!.) - [88 Ko] - (2.0.0.171) - C:\WINDOWS\SysWOW64\ccrpTmr6.dll
[MD5.D010B344E31017829F8CD17A638E6467] - |A| - [30/09/2017 10:52:02] - (.-.) - [10.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ccrpTmr6.tlb
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US
[MD5.80621A595D8AC5A16BC0E91750301BC1] - |A| - [01/07/2017 14:39:43] - (.Copyright CANON INC. 2003-2012 All Rights Reserved - Canon IJ Network 32bit comm Module.) - [358 Ko] - (3.1.1.10) - C:\WINDOWS\SysWOW64\CNMNPPM.DLL
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [317.5 Ko] - C:\WINDOWS\SysWOW64\com
[MD5.ADA2F1ECF04DFB97322BC2A63B2DEE4A] - |A| - [30/09/2017 10:52:07] - (.Copyright © 1998 Steve McMahon - Progress Bar Control for VB.) - [27 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\cProgBar.ocx
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [263 Ko] - C:\WINDOWS\SysWOW64\cs-CZ
[MD5.A13ED3466516D2B60AC4EE4373ECE977] - |A| - [15/09/2018 08:29:27] - (.© 1996 - 2017 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\cy-GB
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [263.5 Ko] - C:\WINDOWS\SysWOW64\da-DK
[MD5.7C9452A4FACBA19BCA75233992E95048] - |A| - [30/09/2017 10:52:02] - (.-.) - [76 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\dashardvb.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [290.5 Ko] - C:\WINDOWS\SysWOW64\de-DE
[MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [15/09/2018 08:29:03] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:51] - [202.5 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [7548.49 Ko] - C:\WINDOWS\SysWOW64\Dism
[MD5.A1F4D2CDB172F2CCADEE3C6CF0E5EFBE] - |A| - [30/09/2017 10:52:02] - (.-.) - [43.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\dmx120.dll
[MD5.4577B4EE4BFD9CDF171232FDB19401E6] - |A| - [30/09/2017 10:52:06] - (.-.) - [83 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DMX510Vb.dll
[MD5.9AB107D250C56910F59D127070D9450F] - |A| - [30/09/2017 10:52:02] - (.-.) - [43.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\dmx60.dll
[MD5.9A9702BCE8D9BC88EDFDB460E7AB2609] - |A| - [26/10/2003 13:02:52] - (.Copyright © 1998-2003 by Desaware Inc. All Rights Reserved - Desaware SpyWorks 6 Windows Hook Control.) - [142.5 Ko] - (7.1.0.4) - C:\WINDOWS\SysWOW64\DWSHK36.OCX
[MD5.0E876010EF664EC92AA72865759D054A] - |A| - [15/09/2003 05:30:00] - (.Copyright © 1998-2000 by Desaware Inc. - SpyWorks support library..) - [76 Ko] - (7.1.0.0) - C:\WINDOWS\SysWOW64\DWSPY36.dll
[MD5.9C6509CC0A1F810C307272FBD4348AF8] - |A| - [30/09/2017 10:52:06] - (.-.) - [314.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Easylase.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [294 Ko] - C:\WINDOWS\SysWOW64\el-GR
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\en
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [191 Ko] - C:\WINDOWS\SysWOW64\en-GB
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [664.03 Ko] - C:\WINDOWS\SysWOW64\en-US
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [278 Ko] - C:\WINDOWS\SysWOW64\es-ES
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [209 Ko] - C:\WINDOWS\SysWOW64\es-MX
[MD5.8C9D83488C0B5C493E6BC46C0A1EA04D] - |A| - [30/09/2017 10:52:06] - (.-.) - [48 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EspionDll.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [191.5 Ko] - C:\WINDOWS\SysWOW64\et-EE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\eu-ES
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:51] - [12990.15 Ko] - C:\WINDOWS\SysWOW64\F12
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\fa-IR
[MD5.3853B34DDFAE519EEF8D1FD08873312C] - |A| - [30/09/2017 10:52:06] - (.-.) - [16 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\FASTTime32.dll
[MD5.AA656A163E414B5F169BCF8AF7D7D72E] - |A| - [24/03/2003 05:03:00] - (.-.) - [273 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\FGWVB32.DLL
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [265 Ko] - C:\WINDOWS\SysWOW64\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\fil-PH
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [3150 Ko] - C:\WINDOWS\SysWOW64\fr
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [215 Ko] - C:\WINDOWS\SysWOW64\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [13038.13 Ko] - C:\WINDOWS\SysWOW64\fr-FR
[MD5.CFDE754A2EA25B204F5B43091F5C0F30] - |A| - [19/11/2007 19:10:28] - (.Copyright © 2003-2007 by FreeImage - FreeImage library.) - [1892 Ko] - (3.10.0.0) - C:\WINDOWS\SysWOW64\FreeImage.dll
[MD5.1025112C43C0F496897EC023BA72E459] - |A| - [30/09/2017 10:52:02] - (.-.) - [72 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\FSButton.ocx
[MD5.DD1140E8B987FACF6B97FC55589030DB] - |A| - [30/09/2017 10:52:02] - (.-.) - [28 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\fsled.ocx
[MD5.19FB7A7E5504D95153FCB589A042FA8F] - |A| - [30/09/2017 10:52:02] - (.-.) - [28 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\fsledr.ocx
[MD5.22107A52ED8EB5516DA030166E6AAAF7] - |A| - [30/09/2017 10:52:02] - (.Copyright(C) mcswe.com - usb-dmx512  box dll.) - [77 Ko] - (1.0.0.3) - C:\WINDOWS\SysWOW64\FSUSB2.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ga-IE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\gd-GB
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\gl-ES
[MD5.5B77BE6133BBB3319B0B9320B5B16CCD] - |A| - [26/03/2015 20:08:25] - (.-.) - [11.45 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log
[MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [15/09/2018 17:39:50] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\gu-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [217.5 Ko] - C:\WINDOWS\SysWOW64\he-IL
[MD5.2E2FE36B09077A3EEBF713F3257514FC] - |A| - [15/09/2018 08:29:03] - (.-.) - [200.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\hi-IN
[MD5.E1959493BE815F4A8F20FF4F966DB87C] - |A| - [30/09/2017 10:52:02] - (.Copyright (C) 1998 Software Solutions - High Resolution Timer Control.) - [24 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\hirestimer.ocx
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [200.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [270.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\hy-AM
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml
[MD5.141C1ED35D36A4294BED57F1F3830B6F] - |RA| - [15/09/2018 08:29:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1578 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll
[MD5.178E3B2D395F3ADA56B7CED48C9BD6D4] - |RA| - [15/09/2018 08:29:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1128 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\id-ID
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ig-NG
[MD5.52CDC6511A59627DA3E7580BBEC73FFE] - |A| - [30/09/2017 10:52:02] - (.Freeware - inpout32.) - [32 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\inpout32.dll
[MD5.1E07A331F632AB18AC1598B45D74DEB7] - |A| - [15/09/2018 08:29:05] - (.-.) - [577.97 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [219 Ko] - C:\WINDOWS\SysWOW64\InputMethod
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield
[MD5.C2558938D3DFB45D63BB3FCEEC0AD7DA] - |A| - [30/11/2016 21:58:54] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [101.51 Ko] - (2.0.2.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi
[MD5.BDB2ADF67D8700080BBA0A82241AECE4] - |A| - [30/09/2017 10:52:06] - (.-.) - [41.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\K8062D.dll
[MD5.2259C648C0B15372BDC45BB139CC864D] - |A| - [30/09/2017 10:52:06] - (.-.) - [332.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\K8062e.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ka-GE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\kk-KZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\km-KH
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\kn-IN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [201 Ko] - C:\WINDOWS\SysWOW64\ko-KR
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\kok-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ku-Arab-IQ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ky-KG
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\lb-LU
[MD5.9168290605748357A481A38F2A8EC712] - |A| - [30/09/2017 10:52:06] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\LPT_dmx.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [203 Ko] - C:\WINDOWS\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [200 Ko] - C:\WINDOWS\SysWOW64\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [57509.99 Ko] - C:\WINDOWS\SysWOW64\Macromed
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:40:28] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync
[MD5.F9CAAE3B965638325B8FA1AF33F2A7EC] - |A| - [30/09/2017 10:52:02] - (.Copyright(C) mcswe.com - usb-dmx512  box dll.) - [77.5 Ko] - (1.0.0.5) - C:\WINDOWS\SysWOW64\MCSWE.dll
[MD5.E92D31C158412C5458AC7EDB183D9499] - |A| - [30/09/2017 10:52:02] - (.-.) - [294.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MCSWE_X2.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mi-NZ
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [2923.85 Ko] - C:\WINDOWS\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [815.3 Ko] - C:\WINDOWS\SysWOW64\migwiz
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mk-MK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ml-IN
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [15/09/2018 08:31:37] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mn-MN
[MD5.71594B09A8D4EC0C39DE3947B47D7ABE] - |A| - [30/09/2017 10:52:06] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MPUSBAPI.DLL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mr-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ms-MY
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mt-MT
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [20.55 Ko] - C:\WINDOWS\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [262 Ko] - C:\WINDOWS\SysWOW64\nb-NO
[MD5.B7A01598B0A036C18C721979C039B132] - |A| - [13/07/2004 11:58:54] - (.NCT Company Ltd. Copyright 1999 - 2003 - NCTAudioRecord2 ActiveX DLL.) - [304 Ko] - (2.5.3.152) - C:\WINDOWS\SysWOW64\NCTAudioRecord2.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ne-NP
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [275.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\nn-NO
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\nso-ZA
[MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:51] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui
[MD5.56AA0573CF4F7F7EDA2F692E53EEC7BE] - |A| - [12/12/2017 16:02:06] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nv-vk32.json
[MD5.B0F15AA1333BEACDED66A54737AFCEC6] - |A| - [30/09/2017 10:52:02] - (.Copyright © O'ksi'D 2003-2005 - okdmx31.) - [68 Ko] - (1.0.1.10) - C:\WINDOWS\SysWOW64\okdmx31.dll
[MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [15/09/2018 08:40:49] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [685.91 Ko] - C:\WINDOWS\SysWOW64\oobe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\or-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-IN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [68 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [275 Ko] - C:\WINDOWS\SysWOW64\pl-PL
[MD5.1CD494B6B3A12DFD6F9AB68E7738EF06] - |A| - [30/09/2017 10:52:02] - (.-.) - [48 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\prgs.ocx
[MD5.6B7E8F4B2A8D7CC57E4CD4E37D0F1164] - |A| - [30/09/2017 10:52:02] - (.-.) - [40 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\prgsrnd.ocx
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\prs-AF
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [273 Ko] - C:\WINDOWS\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [275.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\quz-PE
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\restore
[MD5.285B11567BE36B747973DEF5ED3B9781] - |A| - [30/09/2017 10:52:02] - (.-.) - [68 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\sldr.ocx
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [52.14 Ko] - C:\WINDOWS\SysWOW64\slmgr
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [4051.8 Ko] - C:\WINDOWS\SysWOW64\Speech
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [9040.62 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [1296.78 Ko] - C:\WINDOWS\SysWOW64\spp
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [23.61 Ko] - C:\WINDOWS\SysWOW64\sppui
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\sq-AL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-BA
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-RS
[MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [316.23 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS
[MD5.4E498748961C77D626515992B77E7A94] - |A| - [26/03/2015 20:11:06] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [319.02 Ko] - (4.0.0.58) - C:\WINDOWS\SysWOW64\SRCOM.dll
[MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [15/09/2018 08:29:33] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\sru
[MD5.2A9EB39951763761E55D46BFEB595AEB] - |A| - [15/09/2018 08:29:00] - (.-.) - [319.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [264.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\sw-KE
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ta-IN
[MD5.8E49D76E21295D010FF0803D65928F5A] - |A| - [15/09/2018 08:29:28] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\te-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [185 Ko] - C:\WINDOWS\SysWOW64\th-TH
[MD5.216714B91E5847C7FED09823D0A846CF] - |A| - [30/09/2017 10:52:02] - (.©2002 EliteVB -.) - [24 Ko] - (1.0.0.56) - C:\WINDOWS\SysWOW64\Threading.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ti-ET
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tk-TM
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tn-ZA
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [257.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR
[MD5.B043D085B9B2CDCC5C9E998F69779389] - |A| - [12/11/2017 14:15:51] - (.(c) Guangming Software. - TTSObj.) - [2008.5 Ko] - (4.0.2010.801) - C:\WINDOWS\SysWOW64\TTSObj.dll
[MD5.A88B20DABDA28A87D3C9FFA453ED2205] - |A| - [16/12/2018 09:32:35] - (.(C) 1993-2009 TWAIN Working Group. - TWAIN 32 Source Manager (Image Acquisition Interface).) - [144.02 Ko] - (2.1.4.0) - C:\WINDOWS\SysWOW64\twaindsm.dll
[MD5.9E865A40CC0C878934055EB689C1F7BD] - |A| - [30/09/2017 10:52:02] - (.Copyright © 2007 - uDMX.) - [288 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\uDMX.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ug-CN
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [202.5 Ko] - C:\WINDOWS\SysWOW64\uk-UA
[MD5.D62225B3D73E0E4EFF382D9DD62C47ED] - |A| - [07/05/2007 09:11:24] - (.Copyright ¸ 2003-2004 Woodbury Associates Ltd. - UniToolbox Controls.) - [860 Ko] - (1.0.3.73) - C:\WINDOWS\SysWOW64\UniBox10.ocx
[MD5.502043E2A053E627BAC0616F353B332B] - |A| - [07/05/2007 09:11:46] - (.Copyright © 2003-2004 Woodbury Associates Limited - UniToolbox VB.) - [208 Ko] - (1.2.0.33) - C:\WINDOWS\SysWOW64\UniBoxVB12.ocx
[MD5.4D725B6F0599A2B941B0D33C05804730] - |A| - [06/11/2007 20:21:42] - (.Copyright © 1998-2007 Dana Seaman - CyberActiveX.com. -.) - [444 Ko] - (1.0.0.9) - C:\WINDOWS\SysWOW64\UniCommandBar100_EDA1811C.ocx
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ur-PK
[MD5.0E0D227EB5B69B881D2A9B836288E1ED] - |A| - [30/09/2017 10:52:02] - (.Copyright (C) 2015 - USB DLL.) - [36 Ko] - (1.2.2.0) - C:\WINDOWS\SysWOW64\USB.dll
[MD5.7CDE8B3D2A213891CAEB7E4CB49AF3EB] - |A| - [30/09/2017 10:52:06] - (.Copyright © O'ksi'D 2003-2006 - OksiD USB DMX.) - [48 Ko] - (1.0.2.13) - C:\WINDOWS\SysWOW64\usb2dmx.dll
[MD5.3096A6DBEC1A721F0EA20F3FB279933A] - |A| - [30/09/2017 10:52:06] - (.Copyright (C) 2004 - USB_DLL DLL.) - [108 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\usb_dll.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\vi-VN
[MD5.4779CDC38ACAE2D628E506FD0E33EE81] - |A| - [12/11/2017 14:15:51] - (.Copyright © 2002-2004, Partaksoft ®. - Visual Button Ex Version 1.20  ActiveX Component.) - [176 Ko] - (1.20.0.0) - C:\WINDOWS\SysWOW64\VISUALBUTTONEX.OCX
[MD5.4687C05E2980F0FA45AD49BB5805CBDA] - |A| - [14/09/2017 00:20:30] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.3 Ko] - (1.0.61.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-61-0.dll
[MD5.4687C05E2980F0FA45AD49BB5805CBDA] - |A| - [17/11/2018 13:21:22] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.3 Ko] - (1.0.61.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll
[MD5.03DEC18E91E9EEFC96FEEFB61C40F8A1] - |A| - [14/09/2017 00:20:14] - (.-.) - [478.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-61-0.exe
[MD5.03DEC18E91E9EEFC96FEEFB61C40F8A1] - |A| - [17/11/2018 13:21:23] - (.-.) - [478.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [15748.35 Ko] - C:\WINDOWS\SysWOW64\wbem
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN
[MD5.F884B2B3047C6A61B21540CEAACC53BC] - |A| - [15/09/2018 08:29:03] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [9125.86 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [6004.44 Ko] - C:\WINDOWS\SysWOW64\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\wo-SN
[MD5.4CC6C2D85CE89C54905BAEFCA1A0AA95] - |A| - [15/09/2018 08:29:03] - (.-.) - [62 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
[MD5.30FBA3D96BAF727CB0A9D1CB28EC3B5F] - |A| - [23/04/2007 16:13:12] - (.Copyright © 1996-2005 Xceed Software Inc. - Xceed Zip Compression Library.) - [485.01 Ko] - (6.0.7223.0) - C:\WINDOWS\SysWOW64\XceedZip.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\xh-ZA
[MD5.00000000000000000000000000000000] - |D| - [23/02/2019 02:39:44] - [10.14 Ko] - C:\WINDOWS\SysWOW64\XPSViewer
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\yo-NG
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [179 Ko] - C:\WINDOWS\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [180 Ko] - C:\WINDOWS\SysWOW64\zh-TW
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\zu-ZA

---------- | Shell Folders

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead   
"AppData"=C:\Users\Loïc\AppData\Roaming   [23/02/2019 03:03:07]
"Local AppData"=C:\Users\Loïc\AppData\Local   [23/02/2019 03:03:07]
"CD Burning"=C:\Users\Loïc\AppData\Local\Microsoft\Windows\Burn\Burn   [23/02/2019 08:20:18]
"{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Libraries   [19/07/2015 18:04:43]
"My Video"=C:\Users\Loïc\Videos   [19/07/2015 18:04:00]
"My Pictures"=C:\Users\Loïc\Pictures   [19/07/2015 18:04:00]
"Desktop"=C:\Users\Loïc\Desktop   [19/07/2015 18:04:01]
"History"=C:\Users\Loïc\AppData\Local\Microsoft\Windows\History   [19/07/2015 18:04:01]
"NetHood"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Network Shortcuts   [23/02/2019 03:03:07]
"{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Loïc\Contacts   [19/07/2015 18:04:43]
"{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\Loïc\AppData\Local\Microsoft\Windows\RoamingTiles   [19/07/2015 18:04:24]
"Cookies"=C:\Users\Loïc\AppData\Local\Microsoft\Windows\INetCookies   [19/07/2015 18:04:01]
"Favorites"=C:\Users\Loïc\Favorites   [19/07/2015 18:04:01]
"SendTo"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\SendTo   [14/10/2016 13:29:11]
"Start Menu"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu   [14/10/2016 13:29:11]
"My Music"=C:\Users\Loïc\Music   [19/07/2015 18:04:00]
"Programs"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   [14/10/2016 13:29:11]
"Recent"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Recent   [19/07/2015 18:04:01]
"PrintHood"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   [23/02/2019 03:03:07]
"{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Loïc\Searches   [19/07/2015 18:04:44]
"{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Loïc\Downloads   [19/07/2015 18:04:01]
"{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Loïc\AppData\LocalLow   [19/07/2015 18:04:01]
"Startup"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   [19/07/2015 18:04:44]
"Administrative Tools"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [19/07/2015 18:04:44]
"Personal"=C:\Users\Loïc\Documents   [19/07/2015 18:04:01]
"{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Loïc\Links   [19/07/2015 18:04:00]
"Cache"=C:\Users\Loïc\AppData\Local\Microsoft\Windows\INetCache   [23/02/2019 03:03:08]
"Templates"=C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Templates   [23/02/2019 03:03:07]
"{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Loïc\Saved Games   [19/07/2015 18:04:00]
"Fonts"=C:\WINDOWS\Fonts   [15/09/2018 08:33:50]

[HKU\S-1-5-21-4117569676-3186425540-4251289028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"AppData"=%USERPROFILE%\AppData\Roaming   
"Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache   
"Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies   
"Desktop"=%USERPROFILE%\Desktop   
"Favorites"=%USERPROFILE%\Favorites   
"History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History   
"Local AppData"=%USERPROFILE%\AppData\Local   
"My Music"=%USERPROFILE%\Music   
"My Pictures"=%USERPROFILE%\Pictures   
"My Video"=%USERPROFILE%\Videos   
"NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts   
"Personal"=%USERPROFILE%\Documents   
"PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   
"Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   
"Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent   
"SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo   
"Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu   
"Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   
"Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates   
"{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads   
"{767E6811-49CB-4273-87C2-20F355E1085B}"=C:\Users\Loïc\OneDrive\Pictures\Pellicule   [07/03/2016 09:06:40]

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [15/09/2018 08:33:50]
"Common AppData"=C:\ProgramData   [15/09/2018 08:33:50]
"Common Desktop"=C:\Users\Public\Desktop   [22/08/2013 16:36:30]
"Common Documents"=C:\Users\Public\Documents   [22/08/2013 16:36:30]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [15/09/2018 08:33:50]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [15/09/2018 08:33:50]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [15/09/2018 08:33:50]
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [22/08/2013 16:36:30]
"CommonMusic"=C:\Users\Public\Music   [22/08/2013 16:36:30]
"CommonPictures"=C:\Users\Public\Pictures   [22/08/2013 16:36:30]
"CommonVideo"=C:\Users\Public\Videos   [22/08/2013 16:36:30]
"OEM Links"=C:\ProgramData\OEM\Links   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common AppData"=%ProgramData%   
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   
"CommonMusic"=%PUBLIC%\Music   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [15/09/2018 08:33:50]
"Common AppData"=C:\ProgramData   [15/09/2018 08:33:50]
"Common Desktop"=C:\Users\Public\Desktop   [22/08/2013 16:36:30]
"Common Documents"=C:\Users\Public\Documents   [22/08/2013 16:36:30]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [15/09/2018 08:33:50]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [15/09/2018 08:33:50]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [15/09/2018 08:33:50]
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [22/08/2013 16:36:30]
"CommonMusic"=C:\Users\Public\Music   [22/08/2013 16:36:30]
"CommonPictures"=C:\Users\Public\Pictures   [22/08/2013 16:36:30]
"CommonVideo"=C:\Users\Public\Videos   [22/08/2013 16:36:30]
"OEM Links"=C:\ProgramData\OEM\Links   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common AppData"=%ProgramData%   
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   
"CommonMusic"=%PUBLIC%\Music   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   


---------- | [Administrateur]

[13/02/2016 14:14:31] - |HD| - [127473093] - C:\Users\Administrateur\AppData
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Application Data
[13/02/2016 14:18:35] - |RD| - [412] - C:\Users\Administrateur\Contacts
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Cookies
[13/02/2016 14:14:31] - |RD| - [282] - C:\Users\Administrateur\Desktop
[13/02/2016 14:14:31] - |RD| - [402] - C:\Users\Administrateur\Documents
[13/02/2016 14:14:31] - |RD| - [282] - C:\Users\Administrateur\Downloads
[13/02/2016 14:14:31] - |RD| - [690] - C:\Users\Administrateur\Favorites
[13/02/2016 14:14:31] - |RD| - [2015] - C:\Users\Administrateur\Links
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Local Settings
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Menu Démarrer
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Mes documents
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Modèles
[13/02/2016 14:14:31] - |RD| - [504] - C:\Users\Administrateur\Music
[13/02/2016 14:14:31] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT
[13/02/2016 14:14:32] - |ASH| - [12288] - C:\Users\Administrateur\ntuser.dat.LOG1
[13/02/2016 14:14:32] - |ASH| - [12288] - C:\Users\Administrateur\ntuser.dat.LOG2
[13/02/2016 14:14:32] - |ASH| - [65536] - C:\Users\Administrateur\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TM.blf
[13/02/2016 14:14:32] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TMContainer00000000000000000001.regtrans-ms
[13/02/2016 14:14:32] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TMContainer00000000000000000002.regtrans-ms
[13/02/2016 14:14:32] - |ASH| - [20] - C:\Users\Administrateur\ntuser.ini
[13/02/2016 14:19:52] - |RD| - [105] - C:\Users\Administrateur\OneDrive
[13/02/2016 14:14:31] - |RD| - [504] - C:\Users\Administrateur\Pictures
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Recent
[13/02/2016 14:14:31] - |RD| - [282] - C:\Users\Administrateur\Saved Games
[13/02/2016 14:18:35] - |RD| - [1875] - C:\Users\Administrateur\Searches
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\SendTo
[13/02/2016 14:14:31] - |RD| - [504] - C:\Users\Administrateur\Videos
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Voisinage d'impression
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\Voisinage réseau
[13/02/2016 14:14:31] - |D| - [127336646] - C:\Users\Administrateur\AppData\Local
[13/02/2016 14:14:32] - |D| - [0] - C:\Users\Administrateur\AppData\LocalLow
[13/02/2016 14:14:31] - |D| - [136447] - C:\Users\Administrateur\AppData\Roaming
[13/02/2016 14:16:50] - |D| - [0] - C:\Users\Administrateur\AppData\Local\ActiveSync
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Application Data
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Historique
[13/02/2016 14:21:05] - |AH| - [3368] - C:\Users\Administrateur\AppData\Local\IconCache.db
[13/02/2016 14:14:31] - |D| - [112978172] - C:\Users\Administrateur\AppData\Local\Microsoft
[13/02/2016 14:14:37] - |D| - [3271330] - C:\Users\Administrateur\AppData\Local\Packages
[13/02/2016 14:14:31] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Temp
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files
[13/02/2016 14:14:36] - |D| - [11083776] - C:\Users\Administrateur\AppData\Local\TileDataLayer
[13/02/2016 14:18:33] - |D| - [0] - C:\Users\Administrateur\AppData\Roaming\Adobe
[13/02/2016 14:14:31] - |SD| - [136447] - C:\Users\Administrateur\AppData\Roaming\Microsoft
[13/02/2016 14:18:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[13/02/2016 14:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[13/02/2016 14:14:31] - |RD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[13/02/2016 14:14:31] - |RD| - [3888] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[13/02/2016 14:14:31] - |RD| - [2925] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[13/02/2016 14:18:35] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[13/02/2016 14:18:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[13/02/2016 14:14:31] - |D| - [170] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[13/02/2016 14:19:52] - |A| - [2405] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[13/02/2016 14:18:35] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[13/02/2016 14:14:31] - |RD| - [5318] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[13/02/2016 14:14:31] - |RSD| - [7238] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[13/02/2016 14:18:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [Loïc]

[22/04/2016 12:23:04] - |RD| - [3875642] - C:\Users\Loïc\3D Objects
[23/02/2019 03:03:07] - |HD| - [13824225558] - C:\Users\Loïc\AppData
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Application Data
[25/02/2016 12:32:17] - |D| - [501247] - C:\Users\Loïc\CmapToolsLogs
[19/07/2015 18:04:43] - |RD| - [412] - C:\Users\Loïc\Contacts
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Cookies
[19/07/2015 18:04:01] - |RD| - [2170722644] - C:\Users\Loïc\Desktop
[19/07/2015 18:04:01] - |RD| - [156785444] - C:\Users\Loïc\Documents
[19/07/2015 18:04:01] - |RD| - [7458493167] - C:\Users\Loïc\Downloads
[19/07/2015 18:04:01] - |RD| - [914] - C:\Users\Loïc\Favorites
[16/11/2016 10:25:37] - |RD| - [243009] - C:\Users\Loïc\Google Drive
[25/02/2016 12:29:51] - |HD| - [0] - C:\Users\Loïc\InstallAnywhere
[19/07/2015 18:04:30] - |SHD| - [25308] - C:\Users\Loïc\IntelGraphicsProfiles
[19/07/2015 18:04:00] - |RD| - [4403] - C:\Users\Loïc\Links
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Local Settings
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Menu Démarrer
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Mes documents
[02/01/2018 11:51:35] - |HD| - [4787734] - C:\Users\Loïc\MicrosoftEdgeBackups
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Modèles
[19/07/2015 18:04:00] - |RD| - [2923300208] - C:\Users\Loïc\Music
[23/02/2019 03:03:07] - |AH| - [8650752] - C:\Users\Loïc\NTUSER.DAT
[23/02/2019 03:03:08] - |ASH| - [2214912] - C:\Users\Loïc\ntuser.dat.LOG1
[23/02/2019 03:03:08] - |ASH| - [2214912] - C:\Users\Loïc\ntuser.dat.LOG2
[23/02/2019 03:03:08] - |ASH| - [65536] - C:\Users\Loïc\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TM.blf
[23/02/2019 03:03:08] - |ASH| - [524288] - C:\Users\Loïc\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TMContainer00000000000000000001.regtrans-ms
[23/02/2019 03:03:08] - |ASH| - [524288] - C:\Users\Loïc\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TMContainer00000000000000000002.regtrans-ms
[23/02/2019 08:17:45] - |SH| - [20] - C:\Users\Loïc\ntuser.ini
[19/07/2015 18:12:08] - |RAD| - [1265526] - C:\Users\Loïc\OneDrive
[19/07/2015 18:04:00] - |RD| - [3038500629] - C:\Users\Loïc\Pictures
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Recent
[19/07/2015 18:04:00] - |RD| - [282] - C:\Users\Loïc\Saved Games
[19/07/2015 18:04:44] - |RD| - [1879] - C:\Users\Loïc\Searches
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\SendTo
[16/12/2018 19:11:39] - |A| - [0] - C:\Users\Loïc\Sti_Trace.log
[03/12/2015 10:00:45] - |D| - [180224] - C:\Users\Loïc\Tracing
[19/07/2015 18:04:00] - |RD| - [235545777073] - C:\Users\Loïc\Videos
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Voisinage d'impression
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\Voisinage réseau
[25/09/2015 09:37:43] - |D| - [28975820] - C:\Users\Loïc\www.apowersoft.com
[23/02/2019 03:03:07] - |D| - [2506197734] - C:\Users\Loïc\AppData\Local
[19/07/2015 18:04:01] - |D| - [52587031] - C:\Users\Loïc\AppData\LocalLow
[23/02/2019 03:03:07] - |D| - [11265440793] - C:\Users\Loïc\AppData\Roaming
[22/04/2016 10:37:26] - |D| - [0] - C:\Users\Loïc\AppData\Local\ActiveSync
[25/01/2017 15:18:21] - |D| - [22849] - C:\Users\Loïc\AppData\Local\Adobe
[13/02/2016 15:24:11] - |D| - [0] - C:\Users\Loïc\AppData\Local\Apple
[17/12/2016 15:50:00] - |D| - [1821058] - C:\Users\Loïc\AppData\Local\Apple Computer
[17/12/2016 16:07:37] - |D| - [180736] - C:\Users\Loïc\AppData\Local\Apple Inc
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\AppData\Local\Application Data
[19/07/2015 18:05:53] - |D| - [0] - C:\Users\Loïc\AppData\Local\BMExplorer
[19/05/2018 14:40:36] - |D| - [2149488] - C:\Users\Loïc\AppData\Local\CEF
[22/04/2016 10:35:44] - |D| - [32209592] - C:\Users\Loïc\AppData\Local\Comms
[03/06/2017 11:30:43] - |D| - [1085272] - C:\Users\Loïc\AppData\Local\ConnectedDevicesPlatform
[21/07/2015 16:36:17] - |D| - [12973868] - C:\Users\Loïc\AppData\Local\CrashDumps
[30/05/2018 11:30:41] - |D| - [45126] - C:\Users\Loïc\AppData\Local\CrashReportClient
[30/05/2018 14:15:26] - |D| - [274304] - C:\Users\Loïc\AppData\Local\D3DSCache
[03/06/2017 11:37:47] - |D| - [0] - C:\Users\Loïc\AppData\Local\DBG
[20/07/2015 16:24:19] - |D| - [0] - C:\Users\Loïc\AppData\Local\Diagnostics
[17/12/2016 16:07:52] - |D| - [623616] - C:\Users\Loïc\AppData\Local\EB26EA23-1AF0-4BDF-972B-3388AD1288D1.aplzod
[29/07/2015 15:43:09] - |D| - [0] - C:\Users\Loïc\AppData\Local\ElevatedDiagnostics
[20/07/2015 16:14:55] - |SHD| - [0] - C:\Users\Loïc\AppData\Local\EmieSiteList
[20/07/2015 16:14:55] - |SHD| - [0] - C:\Users\Loïc\AppData\Local\EmieUserList
[19/05/2018 14:36:10] - |D| - [2790512] - C:\Users\Loïc\AppData\Local\EpicGamesLauncher
[29/05/2018 17:25:35] - |D| - [31581445] - C:\Users\Loïc\AppData\Local\FortniteGame
[30/10/2015 12:36:58] - |A| - [122480] - C:\Users\Loïc\AppData\Local\GDIPFONTCACHEV1.DAT
[30/05/2018 13:42:57] - |D| - [1221705695] - C:\Users\Loïc\AppData\Local\Google
[14/02/2016 21:19:59] - |D| - [806] - C:\Users\Loïc\AppData\Local\GoPro
[05/08/2015 23:16:15] - |D| - [10114] - C:\Users\Loïc\AppData\Local\GWX
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\AppData\Local\Historique
[25/02/2019 13:44:06] - |AH| - [21924] - C:\Users\Loïc\AppData\Local\IconCache.db
[11/02/2019 12:41:35] - |D| - [776360] - C:\Users\Loïc\AppData\Local\mbam
[11/02/2019 12:41:25] - |D| - [235676] - C:\Users\Loïc\AppData\Local\mbamtray
[23/02/2019 03:03:07] - |D| - [430140274] - C:\Users\Loïc\AppData\Local\Microsoft
[19/07/2015 21:22:24] - |D| - [126472] - C:\Users\Loïc\AppData\Local\Microsoft Help
[22/04/2016 16:06:47] - |D| - [72267] - C:\Users\Loïc\AppData\Local\MicrosoftEdge
[22/04/2016 16:09:22] - |D| - [0] - C:\Users\Loïc\AppData\Local\NetworkTiles
[06/09/2017 15:32:24] - |D| - [1154] - C:\Users\Loïc\AppData\Local\Noël Danjou
[19/07/2015 18:04:29] - |D| - [130827080] - C:\Users\Loïc\AppData\Local\NVIDIA
[19/07/2015 18:04:29] - |D| - [0] - C:\Users\Loïc\AppData\Local\NVIDIA Corporation
[31/12/2017 11:16:09] - |D| - [602436306] - C:\Users\Loïc\AppData\Local\Packages
[25/02/2018 12:08:53] - |D| - [0] - C:\Users\Loïc\AppData\Local\PlaceholderTileLogoFolder
[25/09/2015 09:50:58] - |D| - [0] - C:\Users\Loïc\AppData\Local\Programs
[22/04/2016 10:37:08] - |D| - [853060] - C:\Users\Loïc\AppData\Local\Publishers
[21/07/2015 16:49:06] - |D| - [5560525] - C:\Users\Loïc\AppData\Local\Skype
[12/11/2017 14:19:25] - |D| - [940] - C:\Users\Loïc\AppData\Local\speech
[23/02/2019 03:03:07] - |D| - [9946156] - C:\Users\Loïc\AppData\Local\Temp
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\AppData\Local\Temporary Internet Files
[22/04/2016 10:35:27] - |D| - [12638772] - C:\Users\Loïc\AppData\Local\TileDataLayer
[02/01/2018 16:33:31] - |D| - [2084] - C:\Users\Loïc\AppData\Local\UnDeFeaT.com
[19/05/2018 14:36:10] - |D| - [185] - C:\Users\Loïc\AppData\Local\UnrealEngine
[19/05/2018 14:36:21] - |D| - [250] - C:\Users\Loïc\AppData\Local\UnrealEngineLauncher
[19/07/2015 18:04:37] - |D| - [4524398] - C:\Users\Loïc\AppData\Local\VirtualStore
[07/02/2019 16:23:14] - |D| - [436890] - C:\Users\Loïc\AppData\Local\ZHP
[13/02/2016 15:23:29] - |D| - [361] - C:\Users\Loïc\AppData\LocalLow\Apple Computer
[19/07/2015 18:04:02] - |SD| - [217504] - C:\Users\Loïc\AppData\LocalLow\Microsoft
[25/09/2015 09:33:29] - |D| - [49037312] - C:\Users\Loïc\AppData\LocalLow\Oracle
[25/09/2015 09:35:44] - |D| - [3331854] - C:\Users\Loïc\AppData\LocalLow\Sun
[09/03/2016 11:36:50] - |D| - [0] - C:\Users\Loïc\AppData\LocalLow\Temp
[11/09/2017 17:30:33] - |D| - [13] - C:\Users\Loïc\AppData\Roaming\9112017183016
[11/09/2017 17:38:55] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\9112017183845
[08/09/2017 14:47:56] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\982017154746
[08/09/2017 14:52:34] - |D| - [78] - C:\Users\Loïc\AppData\Roaming\982017155224
[19/07/2015 18:04:37] - |D| - [1539083] - C:\Users\Loïc\AppData\Roaming\Adobe
[25/09/2015 09:51:26] - |D| - [5806] - C:\Users\Loïc\AppData\Roaming\Apowersoft
[17/02/2016 21:24:59] - |D| - [8516478420] - C:\Users\Loïc\AppData\Roaming\Apple Computer
[19/07/2015 18:05:26] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\Atheros
[25/02/2016 12:32:20] - |D| - [6028116] - C:\Users\Loïc\AppData\Roaming\CmapTools
[10/12/2015 23:36:06] - |D| - [3093] - C:\Users\Loïc\AppData\Roaming\dvdcss
[25/01/2017 15:21:04] - |D| - [30811803] - C:\Users\Loïc\AppData\Roaming\edu.media.mit.Scratch2Editor
[16/12/2018 09:40:27] - |D| - [135866] - C:\Users\Loïc\AppData\Roaming\EPSON
[25/08/2015 15:33:59] - |D| - [262680846] - C:\Users\Loïc\AppData\Roaming\Foxit Software
[26/12/2017 09:40:24] - |D| - [1348] - C:\Users\Loïc\AppData\Roaming\Garmin
[22/10/2018 12:55:27] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\Google
[13/02/2016 15:10:53] - |D| - [71483566] - C:\Users\Loïc\AppData\Roaming\GoPro
[29/07/2015 13:48:22] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\Identities
[16/12/2018 11:31:26] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\InstallShield
[29/07/2018 20:21:37] - |D| - [1618] - C:\Users\Loïc\AppData\Roaming\IsolatedStorage
[20/09/2017 17:37:46] - |D| - [3007488] - C:\Users\Loïc\AppData\Roaming\LockAP
[30/05/2018 13:42:57] - |D| - [631628] - C:\Users\Loïc\AppData\Roaming\Macromedia
[23/02/2019 03:03:07] - |SD| - [28849207] - C:\Users\Loïc\AppData\Roaming\Microsoft
[29/07/2015 17:36:57] - |D| - [1061] - C:\Users\Loïc\AppData\Roaming\Origin
[25/01/2017 10:04:46] - |D| - [172] - C:\Users\Loïc\AppData\Roaming\Plagiarisma.Net
[22/08/2017 14:00:27] - |D| - [101778] - C:\Users\Loïc\AppData\Roaming\Promethean
[21/07/2015 16:49:01] - |D| - [27970452] - C:\Users\Loïc\AppData\Roaming\Skype
[19/07/2015 18:04:52] - |A| - [165] - C:\Users\Loïc\AppData\Roaming\sp_data.sys
[25/09/2015 09:35:44] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\Sun
[19/02/2018 19:15:55] - |D| - [25060860] - C:\Users\Loïc\AppData\Roaming\uTorrent
[22/07/2015 20:00:11] - |D| - [160872] - C:\Users\Loïc\AppData\Roaming\vlc
[19/07/2015 18:10:29] - |D| - [155033] - C:\Users\Loïc\AppData\Roaming\WebStorage
[16/01/2017 13:08:57] - |D| - [12] - C:\Users\Loïc\AppData\Roaming\WinRAR
[28/01/2016 10:10:50] - |D| - [3395394] - C:\Users\Loïc\AppData\Roaming\XMind
[08/09/2017 14:47:11] - |D| - [28256] - C:\Users\Loïc\AppData\Roaming\YDP
[01/01/2018 23:21:19] - |D| - [2286908759] - C:\Users\Loïc\AppData\Roaming\ZHP
[19/07/2015 18:04:43] - |SH| - [174] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[23/02/2019 03:03:08] - |SHD| - [0] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[14/10/2016 13:29:11] - |RD| - [25894] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[19/02/2018 19:15:58] - |A| - [916] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
[23/02/2019 03:03:07] - |RD| - [3888] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[23/02/2019 03:03:07] - |RD| - [2931] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[19/07/2015 18:04:44] - |RD| - [174] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[23/02/2019 03:03:08] - |SH| - [264] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[23/02/2019 03:03:07] - |D| - [170] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[23/02/2019 03:03:08] - |A| - [1105] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[19/07/2015 18:04:44] - |RD| - [174] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[23/02/2019 03:03:07] - |RD| - [4913] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[23/02/2019 03:03:07] - |RD| - [7754] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[16/01/2017 13:08:41] - |D| - [4521] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[28/01/2016 10:11:00] - |D| - [0] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XMind
[19/07/2015 18:04:44] - |SH| - [174] - C:\Users\Loïc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [Public]

[13/02/2016 14:18:35] - |RHD| - [196] - C:\Users\Public\AccountPictures
[29/05/2018 17:31:20] - |AHD| - [0] - C:\Users\Public\AppData
[26/03/2015 20:26:26] - |D| - [9585] - C:\Users\Public\ASUS
[13/02/2016 15:10:39] - |D| - [3605526] - C:\Users\Public\CineForm
[22/08/2013 16:36:30] - |RHD| - [20831] - C:\Users\Public\Desktop
[15/09/2018 08:31:35] - |ASH| - [174] - C:\Users\Public\desktop.ini
[22/08/2013 16:36:30] - |RD| - [278] - C:\Users\Public\Documents
[22/08/2013 16:36:30] - |RD| - [174] - C:\Users\Public\Downloads
[29/10/2014 07:26:31] - |D| - [2703972] - C:\Users\Public\Foxit Software
[15/09/2018 08:33:50] - |RHD| - [1135] - C:\Users\Public\Libraries
[29/05/2018 17:31:20] - |A| - [241] - C:\Users\Public\Libraries.ini
[22/08/2013 16:36:30] - |RD| - [380] - C:\Users\Public\Music
[01/01/2018 22:21:57] - |A| - [8192] - C:\Users\Public\NTUSER.DAT
[01/01/2018 22:21:57] - |A| - [8192] - C:\Users\Public\NTUSER.DAT.LOG1
[01/01/2018 22:21:57] - |A| - [8192] - C:\Users\Public\NTUSER.DAT.LOG2
[01/01/2018 22:21:57] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{ffb698ab-ee14-11e7-988e-dc85defbe1aa}.TM.blf
[01/01/2018 22:21:57] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{ffb698ab-ee14-11e7-988e-dc85defbe1aa}.TMContainer00000000000000000001.regtrans-ms
[01/01/2018 22:21:57] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{ffb698ab-ee14-11e7-988e-dc85defbe1aa}.TMContainer00000000000000000002.regtrans-ms
[22/08/2013 16:36:30] - |RD| - [380] - C:\Users\Public\Pictures
[22/08/2013 16:36:30] - |RD| - [380] - C:\Users\Public\Videos

---------- | C:\ProgramData

[22/08/2017 13:53:30] - |D| - [104] - C:\ProgramData\Activ Software
[25/01/2017 15:21:02] - |D| - [0] - C:\ProgramData\Adobe
[10/08/2015 09:44:11] - |D| - [0] - C:\ProgramData\Age of Empires 3
[25/09/2015 09:51:21] - |D| - [1618568] - C:\ProgramData\Apowersoft
[13/02/2016 15:23:49] - |D| - [166707994] - C:\ProgramData\Apple
[13/02/2016 15:24:17] - |D| - [79908583] - C:\ProgramData\Apple Computer
[23/02/2019 03:28:17] - |SHD| - [0] - C:\ProgramData\Application Data
[22/04/2016 10:35:57] - |D| - [124857] - C:\ProgramData\ASUS Smart Gesture
[29/10/2014 07:25:41] - |D| - [2282] - C:\ProgramData\ASUS WebStorage
[29/10/2014 07:25:13] - |D| - [12618] - C:\ProgramData\ASUSLogos
[26/03/2015 20:21:40] - |D| - [35] - C:\ProgramData\Atheros
[12/11/2017 14:15:57] - |D| - [28] - C:\ProgramData\brun-villani
[22/04/2016 10:14:04] - |SHD| - [0] - C:\ProgramData\Bureau
[01/07/2017 14:18:32] - |HD| - [25490742] - C:\ProgramData\CanonBJ
[16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\Comms
[23/02/2019 03:28:17] - |SHD| - [0] - C:\ProgramData\Documents
[03/06/2017 10:04:13] - |A| - [0] - C:\ProgramData\DP45977C.lfl
[29/07/2015 17:00:59] - |D| - [68498] - C:\ProgramData\Electronic Arts
[19/05/2018 14:33:46] - |D| - [26730590] - C:\ProgramData\Epic
[16/12/2018 09:30:21] - |D| - [8402778] - C:\ProgramData\Epson
[13/09/2017 12:28:09] - |D| - [41456] - C:\ProgramData\HP
[11/08/2015 14:13:44] - |D| - [54192] - C:\ProgramData\InstallShield
[26/03/2015 20:04:27] - |D| - [38061017] - C:\ProgramData\Intel
[15/02/2017 10:34:15] - |D| - [0] - C:\ProgramData\Intel Security
[29/07/2018 20:21:37] - |D| - [1618] - C:\ProgramData\IsolatedStorage
[01/01/2018 22:59:46] - |D| - [41436414] - C:\ProgramData\Malwarebytes
[22/04/2016 10:14:04] - |SHD| - [0] - C:\ProgramData\Menu Démarrer
[15/09/2018 08:33:50] - |SD| - [1286299537] - C:\ProgramData\Microsoft
[19/07/2015 21:22:23] - |D| - [99094] - C:\ProgramData\Microsoft Help
[23/02/2019 08:20:35] - |D| - [0] - C:\ProgramData\Microsoft OneDrive
[22/04/2016 10:14:04] - |SHD| - [0] - C:\ProgramData\Modèles
[03/06/2017 10:04:50] - |D| - [311874] - C:\ProgramData\NVIDIA
[03/06/2017 10:04:35] - |D| - [372950750] - C:\ProgramData\NVIDIA Corporation
[25/09/2015 09:35:25] - |D| - [70997662] - C:\ProgramData\Oracle
[29/07/2015 17:00:59] - |D| - [0] - C:\ProgramData\Origin
[29/10/2014 07:25:55] - |D| - [29291503] - C:\ProgramData\Package Cache
[11/07/2018 01:33:34] - |D| - [81920] - C:\ProgramData\Packages
[22/08/2017 13:53:30] - |D| - [15728] - C:\ProgramData\Promethean
[26/03/2015 20:01:02] - |D| - [20459] - C:\ProgramData\Qualcomm Atheros
[15/09/2018 08:33:50] - |D| - [2060] - C:\ProgramData\regid.1991-06.com.microsoft
[29/10/2014 07:25:14] - |A| - [256] - C:\ProgramData\SetStretch.cmd
[29/10/2014 07:25:14] - |A| - [24576] - C:\ProgramData\SetStretch.exe
[29/10/2014 07:25:14] - |A| - [103] - C:\ProgramData\SetStretch.VBS
[03/06/2017 10:03:41] - |D| - [53443884] - C:\ProgramData\SetupTPDriver
[29/10/2014 07:25:50] - |D| - [76492800] - C:\ProgramData\Skype
[15/09/2018 08:33:50] - |D| - [0] - C:\ProgramData\SoftwareDistribution
[13/02/2016 15:25:35] - |AD| - [0] - C:\ProgramData\TEMP
[19/07/2015 18:04:51] - |D| - [2] - C:\ProgramData\USBChargerPlus
[15/09/2018 08:33:50] - |D| - [20518] - C:\ProgramData\USOPrivate
[23/02/2019 03:01:05] - |D| - [1515520] - C:\ProgramData\USOShared
[29/10/2014 07:25:41] - |D| - [2282] - C:\ProgramData\WebStorage
[29/10/2014 07:26:52] - |D| - [372079] - C:\ProgramData\WildTangent
[15/09/2018 17:40:58] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices
[26/03/2015 20:16:50] - |D| - [99027048] - C:\ProgramData\{1AFEA24A-A9B9-43AD-8812-810FBC3FF35A}

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[15/09/2018 08:31:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[22/04/2016 10:14:04] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[15/09/2018 08:33:50] - |RD| - [238020] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[15/09/2018 08:33:50] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[15/09/2018 08:33:50] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[15/09/2018 08:33:50] - |RD| - [22954] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[03/03/2018 22:02:16] - |D| - [2051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Empires Definitive Edition
[26/10/2016 19:31:06] - |A| - [2649] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age3XRec Renamer.lnk
[13/02/2016 15:24:11] - |A| - [2535] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[22/02/2019 11:07:16] - |A| - [733] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à jour de Windows 10.lnk
[29/10/2014 07:25:42] - |D| - [15528] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[23/09/2017 17:06:32] - |D| - [7378] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
[01/07/2017 14:44:09] - |D| - [1318] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series
[01/02/2019 07:44:07] - |D| - [1997] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[15/09/2018 08:31:34] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[29/07/2015 17:01:08] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[19/05/2018 14:34:20] - |A| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
[16/12/2018 11:20:55] - |D| - [2654] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[09/01/2018 18:10:39] - |D| - [2798] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESO Community Patch
[29/10/2014 07:26:30] - |D| - [978] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
[30/09/2017 10:53:31] - |D| - [8106] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeStyler
[29/10/2014 07:26:55] - |RD| - [2726] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[26/12/2017 09:41:06] - |D| - [1169] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[13/02/2017 13:38:44] - |A| - [2301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[26/03/2015 20:21:54] - |D| - [2685] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
[17/12/2016 15:53:59] - |D| - [24225] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[15/09/2018 08:29:46] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
[26/03/2015 20:05:28] - |RD| - [1548] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[26/03/2015 20:05:27] - |A| - [724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
[17/12/2016 15:49:57] - |D| - [4069] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[12/11/2017 14:15:57] - |D| - [6981] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LECTRAMINI ATTS
[15/09/2018 08:33:50] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[11/02/2019 12:40:57] - |D| - [4054] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[29/07/2015 16:11:00] - |D| - [18288] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[12/12/2015 12:36:08] - |D| - [56400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[26/03/2015 20:08:46] - |D| - [1332] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[29/07/2015 17:23:42] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[26/03/2015 20:11:30] - |D| - [1923] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
[25/01/2017 15:20:59] - |A| - [964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 2.lnk
[03/12/2015 09:59:57] - |D| - [2155] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[15/09/2018 08:33:50] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[15/09/2018 08:33:50] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[29/10/2014 07:26:56] - |A| - [2522] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
[23/02/2019 03:05:58] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[16/01/2017 13:08:41] - |D| - [4449] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[28/01/2016 10:11:00] - |D| - [3387] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
[30/10/2015 23:05:52] - |D| - [999] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZedTV

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[15/09/2018 08:31:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\Program Files (x86)

[22/08/2017 13:53:30] - |D| - [6] - C:\Program Files (x86)\Activ Software
[25/01/2017 15:20:41] - |D| - [340516] - C:\Program Files (x86)\Adobe
[17/12/2016 15:35:29] - |AD| - [2743854] - C:\Program Files (x86)\Apple Software Update
[03/06/2017 10:04:02] - |D| - [227121414] - C:\Program Files (x86)\ASUS
[26/03/2015 20:16:54] - |AD| - [29700223] - C:\Program Files (x86)\Bluetooth Suite
[17/12/2016 15:35:06] - |AD| - [631715] - C:\Program Files (x86)\Bonjour
[01/07/2017 14:43:40] - |D| - [0] - C:\Program Files (x86)\Canon
[13/02/2016 15:10:42] - |D| - [8258560] - C:\Program Files (x86)\CineForm
[15/09/2018 08:33:50] - |D| - [537137173] - C:\Program Files (x86)\Common Files
[15/09/2018 08:31:34] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[29/05/2018 17:24:36] - |D| - [780928] - C:\Program Files (x86)\EasyAntiCheat
[29/07/2015 16:41:58] - |D| - [27839632] - C:\Program Files (x86)\Electronic Arts
[19/05/2018 14:33:45] - |D| - [370214161] - C:\Program Files (x86)\Epic Games
[16/12/2018 11:20:47] - |D| - [143148351] - C:\Program Files (x86)\epson
[16/12/2018 11:34:15] - |D| - [9728119] - C:\Program Files (x86)\Epson Software
[29/10/2014 07:26:17] - |AD| - [167593780] - C:\Program Files (x86)\Foxit PhantomPDF
[26/12/2017 09:40:25] - |D| - [17112234] - C:\Program Files (x86)\Garmin
[13/02/2016 11:59:49] - |D| - [537733698] - C:\Program Files (x86)\Google
[13/02/2016 15:10:19] - |D| - [0] - C:\Program Files (x86)\GoPro
[26/03/2015 20:21:54] - |D| - [8703664] - C:\Program Files (x86)\ICEpower
[26/03/2015 20:01:10] - |HD| - [73704544] - C:\Program Files (x86)\InstallShield Installation Information
[26/03/2015 20:04:16] - |D| - [35770497] - C:\Program Files (x86)\Intel
[15/09/2018 08:33:50] - |D| - [1983693] - C:\Program Files (x86)\Internet Explorer
[12/11/2017 14:15:49] - |AD| - [16663463] - C:\Program Files (x86)\LECTRAMINI ATTS
[12/12/2015 12:32:26] - |D| - [102815591] - C:\Program Files (x86)\Microsoft Analysis Services
[29/07/2015 13:55:15] - |D| - [4305499205] - C:\Program Files (x86)\Microsoft Games
[12/12/2015 12:32:19] - |D| - [98365963] - C:\Program Files (x86)\Microsoft Office
[12/12/2015 12:35:24] - |D| - [30160] - C:\Program Files (x86)\Microsoft SQL Server
[15/09/2018 08:33:50] - |D| - [8854863] - C:\Program Files (x86)\Microsoft.NET
[12/12/2015 12:35:02] - |D| - [34016] - C:\Program Files (x86)\Mozilla Firefox
[23/02/2019 02:39:43] - |D| - [25757] - C:\Program Files (x86)\MSBuild
[06/09/2017 15:32:20] - |D| - [0] - C:\Program Files (x86)\Noël Danjou
[26/03/2015 20:08:31] - |D| - [216352997] - C:\Program Files (x86)\NVIDIA Corporation
[26/03/2015 20:01:26] - |AD| - [37400] - C:\Program Files (x86)\Qualcomm Atheros
[26/03/2015 20:11:01] - |D| - [157158104] - C:\Program Files (x86)\Realtek
[23/02/2019 02:39:43] - |D| - [38462721] - C:\Program Files (x86)\Reference Assemblies
[25/01/2017 15:20:46] - |AD| - [73424035] - C:\Program Files (x86)\Scratch 2
[03/12/2015 09:59:57] - |RD| - [79202098] - C:\Program Files (x86)\Skype
[26/03/2015 20:11:00] - |HD| - [0] - C:\Program Files (x86)\Temp
[26/10/2016 19:31:06] - |D| - [148614] - C:\Program Files (x86)\UnDeFeaT.com
[18/02/2018 17:31:30] - |D| - [12390592] - C:\Program Files (x86)\UsbFix
[22/07/2015 19:59:38] - |D| - [130563684] - C:\Program Files (x86)\VideoLAN
[17/11/2018 13:21:18] - |D| - [1732586] - C:\Program Files (x86)\VulkanRT
[29/10/2014 07:26:52] - |D| - [14326058] - C:\Program Files (x86)\WildTangent Games
[15/09/2018 08:33:50] - |D| - [1719928] - C:\Program Files (x86)\Windows Defender
[15/09/2018 08:33:50] - |D| - [625152] - C:\Program Files (x86)\Windows Mail
[15/09/2018 17:40:58] - |D| - [3256173] - C:\Program Files (x86)\Windows Media Player
[15/09/2018 17:40:58] - |D| - [40432] - C:\Program Files (x86)\Windows Multimedia Platform
[15/09/2018 08:33:50] - |D| - [7557464] - C:\Program Files (x86)\windows nt
[15/09/2018 17:40:58] - |D| - [5325328] - C:\Program Files (x86)\Windows Photo Viewer
[15/09/2018 17:40:58] - |D| - [40432] - C:\Program Files (x86)\Windows Portable Devices
[15/09/2018 08:33:50] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar
[15/09/2018 08:33:50] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell
[16/01/2017 13:08:26] - |AD| - [5134764] - C:\Program Files (x86)\WinRAR
[28/01/2016 10:10:25] - |D| - [46978386] - C:\Program Files (x86)\XMind
[30/10/2015 23:05:47] - |AD| - [33673113] - C:\Program Files (x86)\ZedTV
[25/02/2016 12:30:34] - |HD| - [175] - C:\Program Files (x86)\Zero G Registry

---------- | C:\Program Files

[17/12/2016 15:35:06] - |AD| - [615066] - C:\Program Files\Bonjour
[01/07/2017 14:37:36] - |HD| - [15909478] - C:\Program Files\CanonBJ
[15/09/2018 08:33:50] - |D| - [958686277] - C:\Program Files\Common Files
[01/02/2019 07:44:07] - |D| - [3173044] - C:\Program Files\CPUID
[15/09/2018 08:31:34] - |ASH| - [174] - C:\Program Files\desktop.ini
[26/03/2015 20:13:53] - |D| - [2385680] - C:\Program Files\DIFX
[19/05/2018 14:42:56] - |D| - [19614586692] - C:\Program Files\Epic Games
[22/04/2016 10:14:04] - |SHD| - [0] - C:\Program Files\Fichiers communs
[10/05/2018 21:40:41] - |D| - [59877472] - C:\Program Files\Google
[03/06/2017 10:03:32] - |D| - [56648211] - C:\Program Files\Intel
[15/09/2018 08:33:50] - |D| - [2637856] - C:\Program Files\internet explorer
[17/12/2016 15:49:22] - |D| - [1374691] - C:\Program Files\iPod
[17/12/2016 15:49:20] - |AD| - [218259892] - C:\Program Files\iTunes
[01/01/2018 22:59:46] - |D| - [167698549] - C:\Program Files\Malwarebytes
[12/12/2015 12:32:26] - |D| - [120126431] - C:\Program Files\Microsoft Analysis Services
[12/12/2015 12:32:15] - |AD| - [1306217371] - C:\Program Files\Microsoft Office
[12/12/2015 12:34:51] - |D| - [35280] - C:\Program Files\Microsoft SQL Server
[12/12/2015 12:35:24] - |D| - [678864] - C:\Program Files\Microsoft.NET
[23/02/2019 02:39:43] - |D| - [25757] - C:\Program Files\MSBuild
[03/06/2017 10:04:23] - |D| - [1019609358] - C:\Program Files\NVIDIA Corporation
[03/06/2017 10:03:53] - |D| - [41757966] - C:\Program Files\Realtek
[23/02/2019 02:39:43] - |D| - [36867241] - C:\Program Files\Reference Assemblies
[26/11/2018 09:29:27] - |D| - [26591678] - C:\Program Files\rempl
[03/06/2017 10:03:44] - |HD| - [0] - C:\Program Files\Uninstall Information
[25/05/2017 09:06:57] - |AD| - [6553600] - C:\Program Files\UNP
[15/09/2018 08:33:50] - |D| - [15109582] - C:\Program Files\Windows Defender
[15/09/2018 08:33:50] - |D| - [636416] - C:\Program Files\Windows Mail
[15/09/2018 17:40:58] - |D| - [4737937] - C:\Program Files\Windows Media Player
[15/09/2018 17:40:58] - |D| - [47512] - C:\Program Files\Windows Multimedia Platform
[15/09/2018 08:33:50] - |D| - [7888728] - C:\Program Files\windows nt
[15/09/2018 17:40:58] - |D| - [6135112] - C:\Program Files\Windows Photo Viewer
[15/09/2018 17:40:58] - |D| - [47512] - C:\Program Files\Windows Portable Devices
[15/09/2018 08:33:50] - |D| - [110373] - C:\Program Files\Windows Security
[15/09/2018 08:33:50] - |SHD| - [0] - C:\Program Files\Windows Sidebar
[15/09/2018 08:33:50] - |HD| - [4910049930] - C:\Program Files\WindowsApps
[15/09/2018 08:33:50] - |D| - [2546495] - C:\Program Files\WindowsPowerShell

---------- | C:\Program Files (x86)\Common Files

[25/01/2017 15:20:41] - |AD| - [28758980] - C:\Program Files (x86)\Common Files\Adobe AIR
[13/02/2016 15:23:49] - |D| - [241564148] - C:\Program Files (x86)\Common Files\Apple
[26/03/2015 20:17:13] - |D| - [166835] - C:\Program Files (x86)\Common Files\Atheros
[29/10/2014 07:25:38] - |D| - [4072970] - C:\Program Files (x86)\Common Files\AWS
[29/05/2018 17:24:47] - |D| - [11491344] - C:\Program Files (x86)\Common Files\BattlEye
[13/08/2015 14:45:40] - |D| - [3421003] - C:\Program Files (x86)\Common Files\InstallShield
[29/07/2015 13:49:41] - |D| - [548963] - C:\Program Files (x86)\Common Files\installshield1
[03/06/2017 10:03:27] - |D| - [68080827] - C:\Program Files (x86)\Common Files\Intel
[15/09/2018 08:33:50] - |D| - [160297090] - C:\Program Files (x86)\Common Files\microsoft shared
[26/03/2015 20:04:28] - |D| - [204796] - C:\Program Files (x86)\Common Files\PostureAgent
[15/09/2018 08:33:50] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[03/12/2015 09:59:57] - |AD| - [2399872] - C:\Program Files (x86)\Common Files\Skype
[15/09/2018 08:33:50] - |D| - [16127643] - C:\Program Files (x86)\Common Files\system

---------- | C:\Program Files\Common files

[17/12/2016 15:34:36] - |D| - [216406808] - C:\Program Files\Common files\Apple
[03/06/2017 10:04:53] - |D| - [4228] - C:\Program Files\Common files\Atheros
[20/07/2015 21:14:19] - |D| - [0] - C:\Program Files\Common files\AV
[12/12/2015 12:35:48] - |AD| - [14488] - C:\Program Files\Common files\DESIGNER
[16/12/2018 18:44:38] - |D| - [152640] - C:\Program Files\Common files\EPSON
[26/03/2015 20:26:35] - |D| - [314876498] - C:\Program Files\Common files\McAfee
[15/09/2018 08:33:50] - |D| - [415518910] - C:\Program Files\Common files\microsoft shared
[26/03/2015 20:16:55] - |D| - [877060] - C:\Program Files\Common files\QCA_Bluetooth
[15/09/2018 08:33:50] - |D| - [2702] - C:\Program Files\Common files\Services
[15/09/2018 08:33:50] - |D| - [10832943] - C:\Program Files\Common files\system

---------- | Tasks

[MD5.A72E5FA711290F62FC6378DDDF0D2E97] - [22/08/2017 13:55:13] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[MD5.C97621739EF0081777CFF3FFA8B5CDEA] - [16/12/2018 18:44:40] - |A| - [935] - C:\WINDOWS\Tasks\EPSON XP-6000 Series Update {67265C27-2B04-4D8D-938E-E96257478B29}.job
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [23/02/2019 03:27:46] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT
[MD5.2504BF504244DA4FBFC8341ED3E9A73E] - [23/02/2019 03:27:45] - |A| - [3216] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater         :   C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.00000000000000000000000000000000] - [23/02/2019 03:27:45] - |D| - [2602] - C:\WINDOWS\System32\Tasks\Apple
[MD5.00000000000000000000000000000000] - [23/02/2019 03:27:45] - |D| - [2108] - C:\WINDOWS\System32\Tasks\ASUS
[MD5.77F8D6C0BCDD67C60FD7549C85E00B73] - [23/02/2019 03:27:45] - |A| - [2552] - C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher         :   C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
[MD5.EEC867BC97684CB52BE14F8EF0CF84D6] - [23/02/2019 03:27:45] - |A| - [2054] - C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON         :   C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
[MD5.7A3310C2136C98AE3194E31A87F217CF] - [23/02/2019 03:27:45] - |A| - [2188] - C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus         :   "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
[MD5.295F6D089BA0A873B6DD34490ED84F22] - [23/02/2019 03:27:45] - |A| - [2782] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3         :   "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"
[MD5.994ADD503713E01A114FD489DD5AAA80] - [23/02/2019 03:27:45] - |A| - [2470] - C:\WINDOWS\System32\Tasks\DropBox         :   C:\Users\Loïc\Conf.Command-EQGXKI0ZVO.js
[MD5.1C809195A036C18D19F830846B700B4D] - [23/02/2019 03:27:45] - |A| - [3488] - C:\WINDOWS\System32\Tasks\EPSON XP-6000 Series Update {67265C27-2B04-4D8D-938E-E96257478B29}         :   C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSTBE.EXE
[MD5.CEDE8F9EF40BB07C60275AF0AB3AA7D5] - [23/02/2019 03:27:45] - |A| - [3292] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.9D9682E418AD97C63CB07E7CBE52792D] - [23/02/2019 03:27:45] - |A| - [3516] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] - [15/09/2018 08:33:50] - |D| - [627190] - C:\WINDOWS\System32\Tasks\Microsoft
[MD5.5E2B5DB004492BF0449B6BAC122D0B65] - [23/02/2019 03:27:46] - |A| - [5294] - C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-LOIC-Loïc pc-loic         :   C:\Program Files\Microsoft Office\Office15\MsoSync.exe
[MD5.3049EC8F6522E04473EDF48962A8ABDB] - [23/02/2019 03:27:46] - |A| - [2798] - C:\WINDOWS\System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe
[MD5.382DEC9179D805A51C8FB09C0C932185] - [23/02/2019 03:27:46] - |A| - [2860] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4117569676-3186425540-4251289028-1001         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.78EA7DBE2D910C7FE2D8048B4E631836] - [23/02/2019 03:27:46] - |A| - [2812] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117569676-3186425540-4251289028-1001         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.80315A359DA6C8F94F758F370C667AEF] - [23/02/2019 03:27:46] - |A| - [2750] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117569676-3186425540-4251289028-500         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.88D68B15AB786B3DF7CF3E83E15E428B] - [23/02/2019 03:27:46] - |A| - [2174] - C:\WINDOWS\System32\Tasks\RTKCPL         :   "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
[MD5.A7B60865C55B5995A72E5236FDDDA311] - [23/02/2019 03:27:46] - |A| - [2428] - C:\WINDOWS\System32\Tasks\Update Checker         :   C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
[MD5.00000000000000000000000000000000] - [23/02/2019 03:27:46] - |D| - [0] - C:\WINDOWS\System32\Tasks\WPD
[MD5.0F5E6E4553CDAB638E1DED74F04CD236] - [23/02/2019 03:27:46] - |A| - [2054] - C:\WINDOWS\System32\Tasks\{0E48ED3A-9615-4C81-8561-DF458D2DE606}         :   C:\Windows\system32\pcalua.exe
[MD5.536B2127168CE008ECB3F39BF0818AC7] - [23/02/2019 03:27:46] - |A| - [2142] - C:\WINDOWS\System32\Tasks\{FA92A664-143E-43B5-945C-3E72BA60FD2B}         :   C:\Windows\system32\pcalua.exe
[MD5.00000000000000000000000000000000] - [15/09/2018 08:33:51] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"WiFiDirect-KM-Driver-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-In-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"DeliveryOptimization-TCP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"DeliveryOptimization-UDP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"Netlogon-NamedPipe-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
"Netlogon-TCP-RPC-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010|
"WirelessDisplay-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Infra-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100|
"{BDFFBBB5-33DA-40AA-BAAD-87E5A8F26121}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=LINE|Desc=LINE|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3154901008-2849271269-1294263849-4111868753-1430083361-3789501531-791294240|EmbedCtxt=LINE|Platform=2:6:2|Platform2=GTEQ|
"{DDFBDA27-F496-4C04-A663-55C21AC79A7B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{826C9017-F68B-4B46-969D-3647DC403730}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|
"{A88FD978-F40A-4697-A01F-29BDC8851DCE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"{79104168-190B-4150-BCCB-6DD2964E565B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"{10E51122-7CF2-40ED-B20C-858E638121A6}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ|
"{0D24BE66-2A6C-418E-810F-BCF9E3930CDE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{9C7B953B-E4B8-4088-B326-5C36A1371C26}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{DA28C5D4-BD24-4F49-8D81-143D23FEB94A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome|
"{D4D9E5BC-6220-4FBA-A891-6127BB41A32D}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{013F26E9-2C07-4F55-9B56-0726FA780373}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{625D4D87-EBB7-4DE2-AEC5-F6C5F2CE6F57}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Loïc\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe|Name=EpsonNet Setup|
"{C2DBD406-683A-449B-9B31-CBA917AB5451}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Loïc\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe|Name=EpsonNet Setup|
"{89B5A60E-9600-46F9-96A5-712114026875}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{BC530D0D-8BBF-4ECF-B72E-F124CFDF506D}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ|
"{66F2672C-2815-4F8F-AB88-B6069D3063A5}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ|
"{D1093522-0DB3-43DC-BAE2-F6FEAD6F301C}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ|
"{6420ECAC-2D27-4F99-9DC5-CC5A15212147}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ|
"{2AA0988D-2298-47FD-A2F6-E33EE8CBA1B6}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ|
"{7B190E1A-5692-47D0-BA04-23B31098A84B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ|
"{CF907257-D04A-4A5E-B86F-4203F19D2D21}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{1AA18048-3DBF-4265-9FF9-38E9BBA9D929}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|
"{81462242-1E33-4274-944F-A8B2D27006DF}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ|
"{E85277B1-966C-4341-A6CD-3BC36EE3A424}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ|
"UDP Query User{13DB225D-74CE-4C5C-B180-6C0E18157F6B}C:\freestyler\freestylerx2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\freestyler\freestylerx2.exe|Name=FreeStyler lighting control|Desc=FreeStyler lighting control|
"TCP Query User{B88E0F2D-C35B-44B4-AC06-447C8D90A6F3}C:\freestyler\freestylerx2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\freestyler\freestylerx2.exe|Name=FreeStyler lighting control|Desc=FreeStyler lighting control|
"UDP Query User{14D8D904-6981-4B09-8741-63A134FF2450}C:\freestyler\freestylerx2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\freestyler\freestylerx2.exe|Name=FreeStyler lighting control|Desc=FreeStyler lighting control|
"TCP Query User{FC6F7B8E-3ED3-4CAD-BB35-73B4C690579C}C:\freestyler\freestylerx2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\freestyler\freestylerx2.exe|Name=FreeStyler lighting control|Desc=FreeStyler lighting control|
"{15AEDFE9-1784-4C2B-B126-D75903DC1506}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Fresh Paint|Desc=Fresh Paint|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-753205055-3642759886-2300710532-466079404-1496176425-3605778055-1481226570|EmbedCtxt=Fresh Paint|Platform=2:6:2|Platform2=GTEQ|
"{7457F1CF-6D33-412E-9C68-98C769AD37D2}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Flipboard|Desc=Flipboard|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-864994224-3030340628-3329202063-153121207-2255414721-17657611-2370319705|EmbedCtxt=Flipboard|Platform=2:6:2|Platform2=GTEQ|
"{66B2D421-AC87-4ACC-A921-853031F02109}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=@{MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{F7D9553E-0616-42EC-9293-B5FA2B8C81FC}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=@{MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ|
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|
"{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{7599D70E-1709-432E-B9A5-143C9C8C8B8C}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{E0898B12-B189-4A10-9559-141C33FDA4EC}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{AC5411A8-3B91-4E5E-B660-07C981C6CA14}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe|Name=Age of Empires 3|
"{204BCDE0-0BDC-4861-A494-FF4D43126F81}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe|Name=Age of Empires 3|
"{851F3492-5EE0-4ADA-A8DF-574D915AB45E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe|Name=Age of Empires III - The Asian Dynasties|
"{78BF63BC-0973-473B-8393-06F18ED71529}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe|Name=Age of Empires III - The Asian Dynasties|
"{BFAC9209-4B70-4C4A-8867-493493B0CDDB}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe|Name=Age of Empires III - The WarChiefs|
"{E2DEBBDB-9767-4383-B766-A42F3CA603EE}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe|Name=Age of Empires III - The WarChiefs|
"{97C03AEB-DA00-467E-BEA7-78269D8DDD65}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe|Name=Video Converter Studio|
"{162CD9FD-8C99-4FC5-995A-209E1A4E3040}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe|Name=Video Converter Studio|
"TCP Query User{A2976267-CB71-42C6-8132-D61E1392624F}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|
"UDP Query User{59E44C89-1DDE-419B-8E28-B221A0C0B69B}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|
"TCP Query User{2785BC77-D1B3-4614-9EB5-63D45F00FD84}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|
"UDP Query User{1C074BD2-C3D3-42D0-8380-6444BF209953}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|
"{6EBC3A51-C506-47E1-8C42-B9919A1CEF9D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{C32ACE85-3CD1-4BB7-8244-441A25B2B029}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS Welcome|Desc=ASUS Welcome|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-1791334737-3644637894-912171476-726613620-3748997741-2897954968-3492054033|EmbedCtxt=ASUS Welcome|Platform=2:6:2|Platform2=GTEQ|
"{F3D2D138-F28C-4561-9F4D-8113DA0F4EBD}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ|
"{09EFDA98-E806-4D37-B5E3-08BE82B6738B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ|
"{00510A25-C69A-4A15-9C26-597D310682CD}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=- Games App -|Desc=- Games App -|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-54699281-1271618622-4162202136-1802718980-1937042405-523788449-2466384431|EmbedCtxt=- Games App -|Platform=2:6:2|Platform2=GTEQ|
"{699E0A65-2DF5-4D39-96F0-4CE8D1915E72}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ|
"{0C781428-CBC2-4623-9A2B-59FC8672D5EE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"TCP Query User{9F3B1D9D-39CA-4229-889A-69F26E64426A}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\microsoft games\age of empires iii\age3y.exe|Name=Age of Empires III Expansion 2|Desc=Age of Empires III Expansion 2|Defer=User|
"UDP Query User{9CBBABBE-E68A-4448-B4A3-62F63C4CFDC1}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\microsoft games\age of empires iii\age3y.exe|Name=Age of Empires III Expansion 2|Desc=Age of Empires III Expansion 2|Defer=User|
"TCP Query User{A3407F57-B5A0-4553-B8BA-994CF2CCF402}C:\program files (x86)\microsoft games\age of empires iii\age3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\microsoft games\age of empires iii\age3.exe|Name=Age of Empires 3|Desc=Age of Empires 3|Defer=User|
"UDP Query User{9EA87E32-271D-499E-8DF8-C2C7CD751A3E}C:\program files (x86)\microsoft games\age of empires iii\age3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\microsoft games\age of empires iii\age3.exe|Name=Age of Empires 3|Desc=Age of Empires 3|Defer=User|
"TCP Query User{5263F560-0979-4A5D-B448-4FB03D41BA68}C:\program files (x86)\microsoft games\age of empires iii\age3f.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\microsoft games\age of empires iii\age3f.exe|Name=Age of Empires III Expansion 2|Desc=Age of Empires III Expansion 2|Defer=User|
"UDP Query User{F77D2E2B-D3F4-4F3C-A1E0-908DFAC3E3AC}C:\program files (x86)\microsoft games\age of empires iii\age3f.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\microsoft games\age of empires iii\age3f.exe|Name=Age of Empires III Expansion 2|Desc=Age of Empires III Expansion 2|Defer=User|
"TCP Query User{33A2C0F5-4344-453B-AAAB-27F47FF0DC9E}C:\program files (x86)\microsoft games\age of empires iii\age3f.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\microsoft games\age of empires iii\age3f.exe|Name=Age of Empires III Expansion 2|Desc=Age of Empires III Expansion 2|Defer=User|
"UDP Query User{2563F9FE-3457-4942-9F17-258800B20A3B}C:\program files (x86)\microsoft games\age of empires iii\age3f.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\microsoft games\age of empires iii\age3f.exe|Name=Age of Empires III Expansion 2|Desc=Age of Empires III Expansion 2|Defer=User|
"{1AA1273B-7C76-4F0D-B45A-728E8EF1BD65}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{6BA4E120-FAB9-46CF-96AF-6493AE57F938}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{C53F77AB-0387-49DF-9C23-80D2C956EFD5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{25927C28-E71F-4B7E-BC61-F515C1F10A44}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{BFDAACAC-6B65-4A59-A18E-28057687EF8E}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\Loïc\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|
"{71BA15D9-5569-4D66-8B22-744A0B2342D3}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\Loïc\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|
"{EBF6121D-566D-45B4-9A80-2F304B876AC7}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Sway|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|
"{BBB81BEA-0EDB-44CC-8160-31AE5BCC62AE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=TripAdvisor Hotels Flights Restaurants|Desc=TripAdvisor Hotels Flights Restaurants|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3043548224-2235967549-1382791125-3168413616-1702302935-4247438294-2497735402|EmbedCtxt=TripAdvisor Hotels Flights Restaurants|Platform=2:6:2|Platform2=GTEQ|
"{79F2F211-9E82-466B-B42B-A7B96BB2C5B3}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3t.exe|Name=Age of Empires 3|
"{4C662C03-8E44-4655-A0BF-A59DD4F29BC0}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3t.exe|Name=Age of Empires 3|
"TCP Query User{A72E9159-8F07-4A01-9690-AC5BB85970AD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User|
"UDP Query User{8B64B47D-FC13-4FC6-A4B7-804993D28E9F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User|
"TCP Query User{C3A2E7F9-2B9E-4C27-87D9-76B51E9CC970}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|
"UDP Query User{54A8B364-7D27-4E58-802E-90EBF8E663F3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|
"TCP Query User{3510EABB-828C-4B1D-8717-459BFA7AAC0A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User|
"UDP Query User{E3D313E5-EE57-465B-A026-D1D33BCC449C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User|
"{890592DE-5D15-49DE-977A-72F46411853E}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{37B61D31-59D6-4EE5-A932-D0F5BBFE0698}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ|
"{75E9A073-B474-4142-A433-DDE10C17088D}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-4117569676-3186425540-4251289028-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ|





---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs)
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{78a1c341-4539-11d3-b88d-00c04fad5171}] : (Universal Serial Bus devices) [] -> @oem18.inf,%ClassName%;Universal Serial Bus devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c3077fcd-9c3c-482f-9317-460712f23efd}] : (DPTF) [] -> @oem73.inf,%ClassName%;Intel(R) Dynamic Platform and Thermal Framework
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[27/08/2014 20:23:44] - (8.0.1.316) - (Qualcomm Atheros - Qualcomm Atheros BUS driver) - C:\WINDOWS\System32\drivers\btath_bus.sys
[02/07/2013 17:45:52] - (1.0.6.1) - (ASUSTek Computer Inc. - ATK WMIACPI Utility) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
[14/05/2015 10:44:38] - (6.3.9600.21275) - (Realsil Semiconductor Corporation - RTS PCIE READER Driver) - C:\WINDOWS\system32\DRIVERS\RtsPer.sys
[15/09/2018 08:28:15] - (3.0.2.201) - (Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver) - C:\WINDOWS\System32\drivers\athw8x.sys
[12/12/2017 20:32:46] - (23.21.13.8857) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 388.57) - C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys
[13/05/2015 04:44:24] - (1.0.0.4) - (ASUS - HID driver for ASUS Wireless Radio Control) - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
[29/07/2015 15:15:25] - (1.2.30.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys
[02/07/2009 18:36:14] - (1.0.9.1) - (ASUS - Memory mapping Driver) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
[25/09/2015 09:51:25] - (4.1.0.2980) - (Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver) - C:\Windows\system32\drivers\npf.sys

---------- | LoadOrderGroup

Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK
Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK
Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK
Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK
Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK
Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK
Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK
Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK
Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK
Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK
Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK
Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK
Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK
Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK
Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK
Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK
Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK
Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK
Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK
Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK
Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK
Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK
Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK
Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK
Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK
Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK
Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK
Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK
Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK
Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK
Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK
Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK
Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK
Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK
Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK
Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK
Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK
Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK
Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK
Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK
Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK
Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK
Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK
Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK
Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK
Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK
Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK
Name: PerceptionGroup - DriverEnabled: True - GroupOrder: 48 - Status: OK
Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 49 - Status: OK
Name: AudioGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK
Name: UIGroup - DriverEnabled: True - GroupOrder: 51 - Status: OK
Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 52 - Status: OK
Name: PlugPlay - DriverEnabled: True - GroupOrder: 53 - Status: OK
Name: Cryptography - DriverEnabled: True - GroupOrder: 54 - Status: OK
Name: PNP_TDI - DriverEnabled: True - GroupOrder: 55 - Status: OK
Name: NDIS - DriverEnabled: True - GroupOrder: 56 - Status: OK
Name: TDI - DriverEnabled: True - GroupOrder: 57 - Status: OK
Name: iSCSI - DriverEnabled: True - GroupOrder: 58 - Status: OK
Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK
Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK
Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK
Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK
Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 63 - Status: OK
Name: NetworkProvider - DriverEnabled: True - GroupOrder: 64 - Status: OK
Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 65 - Status: OK
Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 66 - Status: OK
Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 67 - Status: OK
Name: Extended Base - DriverEnabled: True - GroupOrder: 68 - Status: OK
Name: PCI Configuration - DriverEnabled: True - GroupOrder: 69 - Status: OK
Name: MS Transactions - DriverEnabled: True - GroupOrder: 70 - Status: OK
Name: Core - DriverEnabled: False - GroupOrder: 71 - Status: OK
Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK
Name: PNP Filter - DriverEnabled: False - GroupOrder: 73 - Status: OK
Name: System - DriverEnabled: False - GroupOrder: 74 - Status: OK
Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 75 - Status: OK
Name: NetworkService - DriverEnabled: False - GroupOrder: 76 - Status: OK
Name: Early-Launch - DriverEnabled: False - GroupOrder: 77 - Status: OK
Name: LocalService - DriverEnabled: False - GroupOrder: 78 - Status: OK

---------- | LoadOrderGroupServiceDependencies

LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess"
LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs"

---------- | LoadOrderGroupServiceMembers

LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc"
LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ASLDRService"
LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ATKGFNEXSrv"
LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder"
LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch"
LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall"
LoadOrderGroup.Name="TDI" - Service.Name="Dhcp"
LoadOrderGroup.Name="TDI" - Service.Name="Dnscache"
LoadOrderGroup.Name="TDI" - Service.Name="dot3svc"
LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc"
LoadOrderGroup.Name="Event Log" - Service.Name="EventLog"
LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc"
LoadOrderGroup.Name="TDI" - Service.Name="icssvc"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="igfxCUIService2.0.0.0"
LoadOrderGroup.Name="TDI" - Service.Name="irmon"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation"
LoadOrderGroup.Name="TDI" - Service.Name="lmhosts"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM"
LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="mpssvc"
LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI"
LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon"
LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc"
LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc"
LoadOrderGroup.Name="Video" - Service.Name="NVDisplay.ContainerLocalSystem"
LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay"
LoadOrderGroup.Name="Plugplay" - Service.Name="Power"
LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs"
LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs"
LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr"
LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS"
LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection"
LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler"
LoadOrderGroup.Name="profsvc_group" - Service.Name="SysMain"
LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller"
LoadOrderGroup.Name="AudioGroup" - Service.Name="VacSvc"
LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc"
LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware"
LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="afunix"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas"
LoadOrderGroup.Name="ShellSvcGroup" - SystemDriver.Name="ASMMAP64"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="athr"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv"
LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay"
LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2"
LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="bindflt"
LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BTATH_BUS"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BthMini"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bttflt"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs"
LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd"
LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc"
LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc"
LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc"
LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass"
LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt"
LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS"
LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG"
LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus"
LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv"
LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc"
LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_cpu"
LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_pch"
LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv"
LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass"
LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev"
LoadOrderGroup.Name="Base" - SystemDriver.Name="esif_lf"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat"
LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt"
LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo"
LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace"
LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol"
LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidspi"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice"
LoadOrderGroup.Name="System" - SystemDriver.Name="HwNClx0101"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd"
LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo"
LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_CNL"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_GLK"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_CNL"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_GLK"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorA"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAVC"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus"
LoadOrderGroup.Name="Video" - SystemDriver.Name="igfx"
LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="irda"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ItSas35i"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic"
LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD"
LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS"
LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas35i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MEIx64"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus"
LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr"
LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge"
LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig"
LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr"
LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy"
LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc"
LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs"
LoadOrderGroup.Name="Base" - SystemDriver.Name="Null"
LoadOrderGroup.Name="Video" - SystemDriver.Name="nvlddmkm"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor"
LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia"
LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched"
LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd"
LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="RTL8168"
LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum"
LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial"
LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SmartSAMD"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter"
LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2"
LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme"
LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt"
LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum"
LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmUcsiCx0101"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea"
LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub"
LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot"
LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp"
LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Vid"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwifimp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6"
LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs"
LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="WdBoot"
LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000"
LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter"
LoadOrderGroup.Name="base" - SystemDriver.Name="WdmCompanionFilter"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS"
LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi"
LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl"
LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf"
LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip"
LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid"

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - BTATH_BUS (@oem52.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus) -> System32\drivers\btath_bus.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - IntelHSWPcc () -> System32\drivers\IntelPcc.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ATKWMIACPIIO (ATKWMIACPI Driver) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True
S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False
R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - ASMMAP64 (ASMMAP64) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - npf (NetGroup Packet Filter Driver) -> \??\C:\Windows\system32\drivers\npf.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - athr (@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver) -> \SystemRoot\System32\drivers\athw8x.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - bindflt (@%systemroot%\system32\drivers\bindflt.sys,-100) -> \SystemRoot\system32\drivers\bindflt.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - bowser (@%systemroot%\system32\wkssvc.dll,-2001) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - BtFilter (BtFilter) -> \SystemRoot\system32\DRIVERS\btfilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthA2DP (@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver) -> \SystemRoot\system32\DRIVERS\BthA2dp.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthHFAud (@wdma_bt.inf,%DISPLAY_NAME%;Mains libres Bluetooth) -> \SystemRoot\system32\DRIVERS\BthHfAud.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio Profile) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver) -> \SystemRoot\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthMini (@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver) -> \SystemRoot\System32\drivers\BTHMINI.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Pilote de communications modem Bluetooth) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthPan (@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network)) -> \SystemRoot\System32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Pilote de port Bluetooth) -> \SystemRoot\System32\drivers\BTHport.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Pilote USB radio Bluetooth) -> \SystemRoot\System32\drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - dptf_cpu () -> \SystemRoot\System32\drivers\dptf_cpu.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - dptf_pch () -> \SystemRoot\System32\drivers\dptf_pch.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - esif_lf () -> \SystemRoot\System32\drivers\esif_lf.sys - AcceptPause: False - AcceptStop: True
S3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidspi (@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver) -> \SystemRoot\System32\drivers\hidspi.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - HIDSwitch (@oem65.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control) -> \SystemRoot\System32\drivers\AsHIDSwitch64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HwNClx0101 (Microsoft Hardware Notifications Class Extension Driver) -> System32\Drivers\mshwnclx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2_CNL (@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_CNL.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2_GLK (@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_GLK.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C_CNL (@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_CNL.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C_GLK (@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_GLK.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - igfx () -> \SystemRoot\system32\DRIVERS\igdkmd64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - intaud_WaveExtensible (Intel WiDi Audio Device) -> \SystemRoot\system32\drivers\intelaud.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - IntcDAud (@oem84.inf,%IntcDAud.SvcDesc%;Son Intel(R) pour écrans) -> \SystemRoot\system32\DRIVERS\IntcDAud.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - irda (IrDA) -> \SystemRoot\system32\drivers\irda.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MbbCx (MBB Network Adapter Class Extension) -> system32\drivers\MbbCx.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - MEIx64 (@oem78.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface) -> \SystemRoot\system32\DRIVERS\TeeDriverx64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Microsoft_Bluetooth_AvrcpTransport (@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver) -> \SystemRoot\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True
S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\ndproxy.sys,-6000) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - nvdimm (@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver) -> \SystemRoot\System32\drivers\nvdimm.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - nvlddmkm () -> \SystemRoot\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - NvStreamKms (NvStreamKms) -> \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - nvvad_WaveExtensible (@oem80.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM)) -> \SystemRoot\system32\drivers\nvvad64v.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - PktMon (Packet Monitor Driver) -> system32\drivers\PktMon.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> \SystemRoot\System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> System32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - RTL8168 (@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver) -> \SystemRoot\System32\drivers\Rt630x64.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RTSPER (@oem44.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER) -> \SystemRoot\system32\DRIVERS\RtsPer.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SNP2UVC (USB2.0 PC Camera (SNP2UVC)) -> \SystemRoot\system32\DRIVERS\snp2uvc.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - TsUsbFlt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - tunnel (@%SystemRoot%\System32\drivers\tunnel.sys,-500) -> System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmUcsiAcpiClient (@UcmUcsiAcpiClient.inf,%UcmUcsiAcpiClient.ServiceName%;UCM-UCSI ACPI Client) -> \SystemRoot\System32\drivers\UcmUcsiAcpiClient.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmUcsiCx0101 (UCM-UCSI KMDF Class Extension) -> System32\Drivers\UcmUcsiCx.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vhf (@hidvhf.inf,%VhfService%;Virtual HID Framework (VHF) Driver) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - Vid () -> \SystemRoot\System32\drivers\Vid.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - vwifimp (@%SystemRoot%\System32\drivers\vwifimp.sys,-261) -> \SystemRoot\System32\drivers\vwifimp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WdmCompanionFilter (@%SystemRoot%\system32\drivers\WdmCompanionFilter.sys,-1000) -> system32\drivers\WdmCompanionFilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\drivers\wd\WdNisDrv.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WinQuic (@%SystemRoot%\system32\drivers\winquic.sys,-1) -> system32\drivers\winquic.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcName%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - MBAMSwissArmy (MBAMSwissArmy) -> \SystemRoot\System32\Drivers\mbamswissarmy.sys - AcceptPause: False - AcceptStop: True
S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - hvcrash () -> \SystemRoot\System32\drivers\hvcrash.sys - AcceptPause: False - AcceptStop: False
S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - VerifierExt (@%SystemRoot%\System32\drivers\VerifierExt.sys,-1000) -> System32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)


---------- | Uninstall (Whitelist)

[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{29AAC3D3-23FC-496D-8266-0E3833686758}] : (iCloud.-.Apple Inc.) -> MsiExec.exe /I{29AAC3D3-23FC-496D-8266-0E3833686758}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3F94FE8B-BD63-4E8C-9F08-602BE1961E1D}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{3F94FE8B-BD63-4E8C-9F08-602BE1961E1D}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{693CADB0-962B-4AC1-A939-9524B258C997}] : (Backup and Sync from Google.-.Google, Inc.) -> MsiExec.exe /X{693CADB0-962B-4AC1-A939-9524B258C997}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7A267678-A258-471B-9035-A51E068531C8}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{7A267678-A258-471B-9035-A51E068531C8}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{81C96689-EA5B-4B7D-A04F-16326EC51BC2}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A84A4FB1-D703-48DB-89E0-68B6499D2801}] : (Qualcomm Atheros Bluetooth Suite (64).-.Qualcomm Atheros Communications) -> MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 388.57.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 2.5.12.11.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.5.12.11.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer] : (GFExperience.Deployer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA GeForce Experience Service.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 2.5.12.11.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.30.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BD667C75-0EDD-4073-A406-A6DD9C3016EB}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{BD667C75-0EDD-4073-A406-A6DD9C3016EB}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E4E75758-4648-4802-87D3-29E3F874B260}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{E4E75758-4648-4802-87D3-29E3F874B260}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\edu.media.mit.Scratch2Editor] : (Scratch 2 Offline Editor.-.Massachusetts Institute of Technology) -> msiexec /qb /x {EF5983CC-7C4B-85D2-36BA-591163A1159E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FreeStyler 1024_is1] : (FreeStyler.-.Raphaël Wellekens) -> "c:\FreeStyler\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{01535110-65FB-4437-AF99-6FB40252C06C}] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0168BC69-1180-499C-8640-945D23EF4C94}] : (Age3XRec Renamer.-.UnDeFeaT.com) -> MsiExec.exe /I{0168BC69-1180-499C-8640-945D23EF4C94}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] : (ASUS Splendid Video Enhancement Technology.-.ASUS) -> MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}] : (ASUS Screen Saver.-.ASUS) -> MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}] : (Device Setup.-.ASUSTek Computer Inc.) -> MsiExec.exe /I{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25A60C59-0FDC-4D73-81F4-D4A6D4E0CB92}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{25A60C59-0FDC-4D73-81F4-D4A6D4E0CB92}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}] : (Garmin USB Drivers.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /X{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56EC47AA-5813-4FF6-8E75-544026FBEA83}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{56EC47AA-5813-4FF6-8E75-544026FBEA83}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}] : (AudioWizard.-.ICEpower a/s) -> MsiExec.exe /X{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6A0549A9-1B96-498C-ACBC-3943001FEB19}] : (Skype™ 7.15.-.Skype Technologies S.A.) -> MsiExec.exe /X{6A0549A9-1B96-498C-ACBC-3943001FEB19}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B4E06B9-2FA4-4F3E-85C5-1DCF1BA4B999}_is1] : (ZedTV version 2.7.2.-.zedsoft) -> "C:\Program Files (x86)\ZedTV\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] : (WinFlash.-.ASUS) -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9BFB1FAB-8FC4-4FAA-9B2D-2B121834B659}] : (Adobe Flash Player 11 Plugin.-.Adobe Systems Incorporated) -> MsiExec.exe /X{9BFB1FAB-8FC4-4FAA-9B2D-2B121834B659}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}] : (ASUS USB Charger Plus.-.ASUS) -> MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] : (ATK Package.-.ASUS) -> MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}] : (Garmin WebUpdater.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /X{AE1EC58E-B2AC-4959-A4C2-C38202A25239}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D55AA8F9-1DD5-4EFD-BBAA-7879A5C32ACC}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{D55AA8F9-1DD5-4EFD-BBAA-7879A5C32ACC}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF5983CC-7C4B-85D2-36BA-591163A1159E}] : (Scratch 2 Offline Editor.-.Massachusetts Institute of Technology) -> MsiExec.exe /I{EF5983CC-7C4B-85D2-36BA-591163A1159E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}] : (ASUS Live Update.-.ASUS) -> MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}] : (Foxit PhantomPDF.-.Foxit Corporation) -> MsiExec.exe /X{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}

---------- | Ports 


---------- | Microsoft Specifications

CheckID: SetupControllerFiles0{90150000-0090-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: WISPHidden0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> WISPHidden
CheckID: SetupControllerFiles0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: OSetupController0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> OSetupController
CheckID: dummy_Office_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> dummy_Office_PIA
CheckID: VSTO0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> VSTO
CheckID: VSTOCLR350{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> VSTOCLR35
CheckID: VSTOCLR400{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> VSTOCLR40
CheckID: Ace_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> Ace_PIA
CheckID: Forms_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> Forms_PIA
CheckID: VSCommonPIAHidden0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> VSCommonPIAHidden
CheckID: SubscriptionHeartbeat20{90150000-0011-0000-1000-0000000FF1CE} - SLD_LICENSETYPE="3" -> SubscriptionHeartbeat
CheckID: WISPFiles0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> WISPFiles
CheckID: LOBiFiles0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> LOBiFiles
CheckID: LOBiMain0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> LOBiMain
CheckID: Graph_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR POWERPOINTC2RINSTALLED OR WORDC2RINSTALLED)) -> Graph_PIA
CheckID: SmartTag_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR WORDC2RINSTALLED)) -> SmartTag_PIA
CheckID: Excel_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT EXCELC2RINSTALLED) -> Excel_PIA
CheckID: Excel_WISPFiles20{90150000-0011-0000-1000-0000000FF1CE} - NOT CLICK2RUN AND ISTABLETOS -> Excel_WISPFiles
CheckID: XDocsProgrammabilityFiles0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT XDOCSC2RINSTALLED) -> XDocsProgrammabilityFiles
CheckID: XDocs_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT XDOCSC2RINSTALLED) -> XDocs_PIA
CheckID: XDOCSNonBootFiles20{90150000-0011-0000-1000-0000000FF1CE} - VersionNT64 -> XDOCSNonBootFiles
CheckID: NonC2R_XDOCSNonBootFiles0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> NonC2R_XDOCSNonBootFiles
CheckID: OneNotePIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ONENOTEC2RINSTALLED) -> OneNotePIA
CheckID: NonC2R_OneNoteNonBootFiles0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> NonC2R_OneNoteNonBootFiles
CheckID: Outlook_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT OUTLOOKC2RINSTALLED) -> Outlook_PIA
CheckID: PowerPoint_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT POWERPOINTC2RINSTALLED) -> PowerPoint_PIA
CheckID: NonC2R_PPTNonBootFiles0{90150000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> NonC2R_PPTNonBootFiles
CheckID: Publisher_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT PUBLISHERC2RINSTALLED) -> Publisher_PIA
CheckID: Word_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT WORDC2RINSTALLED) -> Word_PIA
CheckID: Word_WISPFiles20{90150000-0011-0000-1000-0000000FF1CE} - NOT CLICK2RUN AND ISTABLETOS -> Word_WISPFiles
CheckID: Access_PIA0{90150000-0011-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ACCESSC2RINSTALLED) -> Access_PIA
CheckID: SetupControllerFiles0{90150000-00A1-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-00C1-0000-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-00C1-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-00E1-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-00E2-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-0044-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-0015-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-0016-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-0018-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-0019-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-001A-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-00BA-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-001B-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-012B-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-002C-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: OSetupControllerIntl_10360{90150000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> OSetupControllerIntl_1036
CheckID: LOBiFilesIntl_10360{90150000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> LOBiFilesIntl_1036
CheckID: VSTOIntl_10360{90150000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> VSTOIntl_1036
CheckID: VSTOCLR35Intl_10360{90150000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> VSTOCLR35Intl_1036
CheckID: VSTOCLR40Intl_10360{90150000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> VSTOCLR40Intl_1036
CheckID: SetupControllerFiles0{90150000-001F-0401-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-001F-0413-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-001F-0407-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-001F-0409-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-001F-0C0A-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: SetupControllerFiles0{90150000-001F-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles
CheckID: Win7_HID_Profile_64200{A84A4FB1-D703-48DB-89E0-68B6499D2801} - HID="0" -> Win7_HID_Profile_64
CheckID: Win7_VDP_Profile_64200{A84A4FB1-D703-48DB-89E0-68B6499D2801} - VDP="0" -> Win7_VDP_Profile_64
CheckID: Win8_HID_Profile_64200{A84A4FB1-D703-48DB-89E0-68B6499D2801} - HID="0" -> Win8_HID_Profile_64
CheckID: Win8_VDP_Profile_64200{A84A4FB1-D703-48DB-89E0-68B6499D2801} - VDP="0" -> Win8_VDP_Profile_64
CheckID: Win7_Drivers_64200{A84A4FB1-D703-48DB-89E0-68B6499D2801} - VersionNT<601 OR VersionNT>601 -> Win7_Drivers_64
CheckID: Win8.1_Drivers_64200{A84A4FB1-D703-48DB-89E0-68B6499D2801} - VersionNT<603 OR VersionNT>603 -> Win8.1_Drivers_64
CheckID: Win8_Drivers_64200{A84A4FB1-D703-48DB-89E0-68B6499D2801} - VersionNT<602 OR VersionNT>602 -> Win8_Drivers_64
CheckID: DesktopShortcut1{EF5983CC-7C4B-85D2-36BA-591163A1159E} - INSTALL_DESKTOP_SHORTCUT="yes" -> DesktopShortcut
CheckID: ProgramShortcut1{EF5983CC-7C4B-85D2-36BA-591163A1159E} - INSTALL_PROGRAM_SHORTCUT="yes" -> ProgramShortcut

---------- | CLSID (Whitelist)

[HKCR\CLSID\{0AA0CDE7-36E7-482D-9251-752B17433809}] - (.©2002 EliteVB -.) - C:\WINDOWS\SysWow64\Threading.dll   [30/09/2017 10:52:02]
[HKCR\CLSID\{0CB58125-ED4E-4125-B72E-BA3435AC4421}] - (.-.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACorePS.dll   
[HKCR\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}] - (.-.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll   
[HKCR\CLSID\{0F5FA46A-D17B-4978-8A4C-65474C8DF59F}] - (.-.) - C:\Program Files (x86)\McAfee\SiteAdvisor\saSubMgr.dll   
[HKCR\CLSID\{11111155-852c-48b9-8d43-61e5455392d3}] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - C:\WINDOWS\SysWOW64\RTCOM\MaxxSpeechAPO.dll   [26/03/2015 20:11:04]
[HKCR\CLSID\{146D6153-C70C-4B96-8851-958A1F1B4CBE}] - (.eCareme Technologies, Inc. All rights reserved - SimpleAES.) - C:\Program Files (x86)\Common Files\AWS\2.1.11.399\SimpleAES.dll   [28/09/2010 02:44:42]
[HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll   
[HKCR\CLSID\{179F3D56-1B0B-42B2-A962-59B7EF59FE1B}] - (.-.) - C:\Windows\SysWOW64\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll   [15/09/2018 08:29:05]
[HKCR\CLSID\{181A38F4-6CE6-4edc-8DB0-6E5631963A1E}] - (.-.) - C:\Windows\SysWOW64\LocationFramework.dll   
[HKCR\CLSID\{1965FEA3-3896-438B-B789-F5981797E7E7}] - (.-.) - C:\Windows\SysWOW64\MapsBtSvcProxy.dll   
[HKCR\CLSID\{19C33CB5-4C9D-4ADE-835C-157ADBADA41F}] - (.-.) - C:\WINDOWS\SysWow64\fsled.ocx   [30/09/2017 10:52:02]
[HKCR\CLSID\{1A0AF39E-B30E-4174-9AF5-187EB932F596}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.33.3\psmachine.dll   
[HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{1F41CA5B-8877-431D-AD85-6D795D79DADA}] - (.Next Generation Technologies - DMX Interface Driver.) - C:\WINDOWS\SysWow64\Afterglow.out.dll   [30/09/2017 10:52:06]
[HKCR\CLSID\{206FA6D0-A493-41FA-943D-3F655088F7B9}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{22D15128-88AF-4CC2-814D-60E5D5B98878}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.32.7\psmachine.dll   
[HKCR\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}] - (.-.) - "C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\X86\MpOav.dll"   
[HKCR\CLSID\{29B24532-6CE1-41BA-8BF0-F580EA174AF1}] - (.-.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll   
[HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\WINDOWS\system32\dplayx.dll   
[HKCR\CLSID\{363BE3C0-DDD4-4B21-BC6D-7E9DF8CE19CB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{3A555849-2398-4D61-9B88-CA43CC659585}] - (.-.) - C:\Program Files (x86)\GoPro\Tools\JPEGS2Stream.dll   
[HKCR\CLSID\{3BAC5BDD-FCA1-4E2F-9062-6693E80016D8}] - (.-.) - C:\Program Files (x86)\Common Files\McAfee\Platform\PlatformServiceFWPS.dll   
[HKCR\CLSID\{3F052B8E-512B-419D-9E06-9B9ADDC7118C}] - (.-.) - C:\Windows\SysWOW64\MapsCSP.dll   
[HKCR\CLSID\{3F6E1591-7E04-4543-A07D-3132DDEE2CEE}] - (.(C) 2006 Next Generation Technologies - Afterglow Driver.) - C:\WINDOWS\SysWow64\AGlowdrv.dll   [30/09/2017 10:52:07]
[HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\WINDOWS\system32\d3dxof.dll   
[HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{4FA480D8-32A4-4849-B774-DE8BD5242A4C}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.33.17\psmachine.dll   
[HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll   
[HKCR\CLSID\{55CB3F70-42A2-4B2D-BA9C-040059B124B2}] - (.-.) - C:\Program Files (x86)\GoPro\Tools\H264LPCMMOVMux.dll   
[HKCR\CLSID\{581FF853-7CEE-4B0A-92A9-466C9253F8F0}] - (.-.) - C:\WINDOWS\SysWow64\sldr.ocx   [30/09/2017 10:52:02]
[HKCR\CLSID\{58CBEE8A-DDE4-4CCF-A6E2-CF3925479A0E}] - (.-.) - C:\WINDOWS\SysWow64\fsledr.ocx   [30/09/2017 10:52:02]
[HKCR\CLSID\{590AB12E-F706-4BA8-9D08-A1EEC69A687D}] - (.-.) - C:\Program Files (x86)\Common Files\McAfee\platform\coreps.dll   
[HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll   
[HKCR\CLSID\{5EB699B3-9296-41BA-9258-DE70F03B7D6C}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{5EF1E9C8-A95A-44EE-BE61-600E932CBD36}] - (.-.) - C:\Program Files (x86)\GoPro\Tools\JPEGS2Stream.dll   
[HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\WINDOWS\system32\audiodev.dll   
[HKCR\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.30.3\psmachine.dll   
[HKCR\CLSID\{68F16E84-C606-4242-9CC0-FDC160BDE82C}] - (.©2002 EliteVB -.) - C:\WINDOWS\SysWow64\Threading.dll   [30/09/2017 10:52:02]
[HKCR\CLSID\{75BC6B63-B6F3-4F56-BD5B-26A290AD0F3C}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.33.5\psmachine.dll   
[HKCR\CLSID\{77B9224B-FC0C-4DEF-A909-602706487D85}] - (.-.) - C:\WINDOWS\SysWow64\prgs.ocx   [30/09/2017 10:52:02]
[HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\WINDOWS\System32\dmband.dll   
[HKCR\CLSID\{7C28A1F4-C72D-4C55-8AA1-C1E879A298E2}] - (.-.) - c:\FreeStyler\Plugins\SunTrix.dll   [30/09/2017 10:53:31]
[HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{8685C4A9-D0E4-444C-87A0-D9FB858235A7}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{882BC1E4-C79E-475D-8CC7-CC8D112FDB17}] - (.-.) - C:\Windows\SysWOW64\RMSRoamingSecurity.dll   
[HKCR\CLSID\{899A0679-CCA4-4836-A7AF-5081A5D7EEE6}] - (.-.) - C:\WINDOWS\SysWow64\prgsrnd.ocx   [30/09/2017 10:52:02]
[HKCR\CLSID\{95BD18C1-D7FB-4BD3-839A-1C37C90131B1}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{994B3B2F-2880-4318-A583-15C38A01F571}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{A020FAD9-D661-4857-AA43-E6A86FF1163E}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{A5584957-EF07-419C-BACD-9931F1256D92}] - (.(c) Guangming Software. - TTSObj.) - C:\WINDOWS\SysWow64\TTSObj.dll   [12/11/2017 14:15:51]
[HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll   
[HKCR\CLSID\{A8004167-E235-4148-A4E5-7C3108100200}] - (.©Conexant Systems Inc. - Conexant APO.) - C:\WINDOWS\SysWow64\RTCOM\CX32APO.dll   [26/03/2015 20:11:02]
[HKCR\CLSID\{A80362FF-CE76-4DD9-874A-704C57BF0D6A}] - (.-.) - c:\program files (x86)\realtek\audio\asio\rthdasio.dll   [26/03/2015 20:11:29]
[HKCR\CLSID\{A82536D7-C8E6-4CEF-AA66-11E97EDDFC6D}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{A95B959F-64A9-43E4-A874-C8A77905854A}] - (.-.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHVer.dll   
[HKCR\CLSID\{AA1818A9-65F1-4409-9E39-776529BE4132}] - (.c ASUSTek Computer Inc. - ASUS Smart Gesture Plus WMP Plugin.) - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\AsusSGPlusWmpPlugin.dll   [17/08/2016 16:53:02]
[HKCR\CLSID\{AA4CE0BA-E016-4FE4-B44C-3E4208100200}] - (.©Conexant Systems Inc. - Conexant APO.) - C:\WINDOWS\SysWow64\RTCOM\CX32APO.dll   [26/03/2015 20:11:02]
[HKCR\CLSID\{AEB45E0A-F413-44EE-AD90-4527B6B1B989}] - (.-.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACorePS.dll   
[HKCR\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.33.7\psmachine.dll   
[HKCR\CLSID\{BFB16C71-7209-4534-8A47-AD6BABC3A66F}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.31.5\psmachine.dll   
[HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll   [15/09/2018 08:29:13]
[HKCR\CLSID\{C681FDA8-76B0-4B2B-AFDB-CDC01FF2AB42}] - (.-.) - c:\FreeStyler\Plugins\LedTrix.dll   [30/09/2017 10:53:31]
[HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{CDAEB70C-E686-4299-93EB-7D63D77B7F63}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\WINDOWS\system32\dplayx.dll   
[HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\WINDOWS\System32\dmband.dll   
[HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll   
[HKCR\CLSID\{D6FCA954-F7AE-4EAC-8783-85F5E4ABD840}] - (.-.) - %windir%\system32\F12\pdmproxy100.dll   
[HKCR\CLSID\{D8E090A5-4149-467D-8103-BFB8F51E8BCB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll   
[HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll   
[HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll   
[HKCR\CLSID\{F8BC3B89-DD15-4DA2-B936-CEA2B2A35053}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.29.5\psmachine.dll   
[HKCR\CLSID\{FA2C547D-4836-42F7-B64D-B5B78C693278}] - (.-.) - C:\WINDOWS\SysWow64\FSButton.ocx   [30/09/2017 10:52:02]
[HKCR\CLSID\{FA6C507D-A9AF-4385-86C0-80115F0AE20B}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}] - (.-.) - %windir%\system32\amsi.dll   

---------- | Installer

[HKCR\Installer\Products\0112BB5534BF3B94394F49A5C0BFA0C6] : Apple Mobile Device Support -> C:\WINDOWS\Installer\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}\Installer.ico
[HKCR\Installer\Products\0BDAC396B2691CA49A9359422B859C79] : Backup and Sync from Google -> C:\WINDOWS\Installer\{693CADB0-962B-4AC1-A939-9524B258C997}\DriveIcon
[HKCR\Installer\Products\1BF4A48A307DBD84980E866B94D98210] : Qualcomm Atheros Bluetooth Suite (64) -> C:\Windows\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\2A077E75FAB2AAC4AB3ADB98E622453D] : AudioWizard -> C:\Windows\Installer\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3D3CAA92CF32D6942866E08333867685] : iCloud -> C:\WINDOWS\Installer\{29AAC3D3-23FC-496D-8266-0E3833686758}\ARP.ico
[HKCR\Installer\Products\50FA96906FF400C4496034952983EDD0] : ASUS Splendid Video Enhancement Technology -> C:\Windows\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe
[HKCR\Installer\Products\5141C34CCFD39804A923B0CE2FA80664] : Age of Empires III - The Asian Dynasties -> C:\Windows\Installer\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\57C766DBDDE037044A606ADDC90361BE] : Intel(R) Chipset Device Software
[HKCR\Installer\Products\5E3E958AF26CAFB4FAD1B2590E1366FA] : ASUS USB Charger Plus -> C:\Windows\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_853F67D554F05449430E7E.exe
[HKCR\Installer\Products\76E045AFC590B1A479ABD445D7CEA94F] : ASUS Live Update -> C:\Windows\Installer\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}\MyIcon2
[HKCR\Installer\Products\7C2F70F1F69543F48B50C2163A5EE0A5] : Device Setup -> C:\windows\Installer\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}\_6FEFF9B68218417F98F549.exe
[HKCR\Installer\Products\85757E4E84642084783D923E8F472B06] : Intel(R) Management Engine Components
[HKCR\Installer\Products\876762A7852AB17409535AE16058138C] : Intel(R) ME UninstallLegacy
[HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico
[HKCR\Installer\Products\8E5775848BEADB6429B24282970ED35D] : Age of Empires III -> C:\Windows\Installer\{485775E8-AEB8-46BD-922B-242879E03DD5}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\8FDEEBF0AF033AF43BF19C7C7E8EFD2A] : ASUS Screen Saver -> C:\Windows\Installer\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}\_853F67D554F05449430E7E.exe
[HKCR\Installer\Products\95C06A52CDF037D4184F4D6A4D0EBC29] : Adobe AIR
[HKCR\Installer\Products\96CB86100811C994680449D532FEC449] : Age3XRec Renamer
[HKCR\Installer\Products\98669C18B5AED7B40AF46123E65CB12C] : iTunes -> C:\WINDOWS\Installer\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}\Installer.ico
[HKCR\Installer\Products\9A9450A669B1C894CACB933400F1BE91] : Skype™ 7.15 -> C:\Windows\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
[HKCR\Installer\Products\9F8AA55D5DD1DFE4BBAA87975A3CA2CC] : Epic Games Launcher -> C:\WINDOWS\Installer\{D55AA8F9-1DD5-4EFD-BBAA-7879A5C32ACC}\Installer.ico
[HKCR\Installer\Products\9FA444B1EBD14884F85369B9FEFC968A] : Intel® Trusted Connect Service Client
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper
[HKCR\Installer\Products\AA74CE6531856FF4E857450462BFAE38] : Apple Software Update -> C:\WINDOWS\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\Installer.ico
[HKCR\Installer\Products\AFA4F99CC23B360468C57D5BCCA087BF] : Update for Windows 10 for x64-based Systems (KB4023057)
[HKCR\Installer\Products\B7006E469AD1DC24BB4E5DAF767A7CD1] : Apple Application Support (64 bits) -> C:\WINDOWS\Installer\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}\WinInstall.ico
[HKCR\Installer\Products\B8EF49F336DBC8E4F98006B21E69E1D1] : Intel(R) Management Engine Components
[HKCR\Installer\Products\BAF1BFB94CF8AAF4B9D2B22181436B95] : Adobe Flash Player 11 Plugin -> C:\WINDOWS\Installer\{9BFB1FAB-8FC4-4FAA-9B2D-2B121834B659}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\BB6E67CFBBC76DC41887B3ACCD50623C] : Foxit PhantomPDF -> C:\windows\Installer\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}\IconName.exe
[HKCR\Installer\Products\C42A80C1861BE7048A6286AF5F2F7001] : Age of Empires III - The WarChiefs -> C:\Windows\Installer\{1C08A24C-B168-407E-A826-68FAF5F20710}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\CC3895FEB4C72D5863AB9511361A51E9] : Scratch 2 Offline Editor
[HKCR\Installer\Products\CFC6D5D37903A524D8F8E7FAD57546D1] : Garmin USB Drivers -> C:\WINDOWS\Installer\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}\GarminSetup.ico
[HKCR\Installer\Products\DAAC970D13C02A74A95F8AF2C99D2B12] : Apple Application Support (32 bits) -> C:\WINDOWS\Installer\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}\WinInstall.ico
[HKCR\Installer\Products\E19212F84440D1B49B9F34077AE343D6] : WinFlash -> C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon
[HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package -> C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe
[HKCR\Installer\Products\E85CE1EACA2B95944A2C3C28202A2593] : Garmin WebUpdater -> C:\WINDOWS\Installer\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}\GarminSetup.ico
[HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\WINDOWS\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico

---------- | ADS


---------- | Drives


---------- | MBR


64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

La collecte des données des compteurs de performance a été désactivée à partir du service « Outlook » car la bibliothèque de compteurs de performance pour ce service a généré une ou plusieurs erreurs. Les erreurs à l’origine de cette action ont été écrites dans le journal des événements des applications. Corrigez les erreurs avant d’activer les compteurs de performance pour ce service.
------------

Windows ne peut pas ouvrir la DLL de compteur extensible 64 bits C:\Program Files\Microsoft Office\Office15\OLMAPI32.DLL dans un environnement 32 bits (code d'erreur Win32 C:\Program Files\Microsoft Office\Office15\OLMAPI32.DLL n’est pas une application Win32 valide.). Contactez le fournisseur du fichier pour obtenir une version 32 bits. Si vous exécutez un environnement natif 64 bits, vous pouvez également ouvrir la DLL de compteur extensible 64 bits en utilisant la version 64 bits de l’Analyseur de performances. Pour utiliser cet outil, ouvrez le dossier Windows, puis le dossier System32 et démarrez Perfmon.exe.
------------

Nom de l’application défaillante iCloudPhotos.exe, version : 105.0.0.54, horodatage : 0x57f2c9f3
Nom du module défaillant : iCloudPhotos_main.dll, version : 105.0.0.54, horodatage : 0x57f5de6b
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00026eb8
ID du processus défaillant : 0x2270
Heure de début de l’application défaillante : 0x01d4cd0865865863
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Chemin d’accès du module défaillant: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID de rapport : 228b399b-3860-449e-98ca-87736693e9df
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante iCloudPhotos.exe, version : 105.0.0.54, horodatage : 0x57f2c9f3
Nom du module défaillant : iCloudPhotos_main.dll, version : 105.0.0.54, horodatage : 0x57f5de6b
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00026eb8
ID du processus défaillant : 0x19b8
Heure de début de l’application défaillante : 0x01d4cb4847e7f914
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Chemin d’accès du module défaillant: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID de rapport : 5972235a-0edc-4db3-b6f7-d0de9a38431b
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A
------------

Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A
------------

Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A
------------

Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 et l’APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 au SID pc-loic\Loïc de l’utilisateur (S-1-5-21-4117569676-3186425540-4251289028-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID 
Windows.SecurityCenter.WscDataProtection
 et l’APPID 
Non disponible
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID 
Windows.SecurityCenter.SecurityAppBroker
 et l’APPID 
Non disponible
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID 
Windows.SecurityCenter.WscBrokerManager
 et l’APPID 
Non disponible
 au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 et l’APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 au SID pc-loic\Loïc de l’utilisateur (S-1-5-21-4117569676-3186425540-4251289028-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 et l’APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 au SID pc-loic\Loïc de l’utilisateur (S-1-5-21-4117569676-3186425540-4251289028-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 et l’APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 au SID pc-loic\Loïc de l’utilisateur (S-1-5-21-4117569676-3186425540-4251289028-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 et l’APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 au SID pc-loic\Loïc de l’utilisateur (S-1-5-21-4117569676-3186425540-4251289028-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
------------

Le serveur {A47979D2-C419-11D9-A5B4-001185AD2B89} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
------------

Le service Extensions et notifications des imprimantes est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement.
------------

Le service iphlpsvc s’est arrêté avec l’erreur : 
Le périphérique n’est pas prêt.
------------


----------( EOF)---------- - 8829 | 17:08:28